A report from Microsoft indicated that as attacks against software are becoming more difficult and expensive, cybercriminals are increasingly turning to deceptive tactics for malicious purposes. In the last quarter of 2013, the number of computers that had to be disinfected as a result of deceptive tactics more than tripled.
This increase in deceptive tactics corresponds with a 70 percent decline in the number of severe vulnerabilities exploited in Microsoft products between 2010 and 2013. This is a clear indication that newer products are providing better protection. Additionally, the increased adoption of several key security mitigations across the industry are making it more difficult and expensive for cybercriminals to develop software exploits.
“Keeping cybercriminals on the run requires a robust security strategy,” said Tim Rains, director, Trustworthy Computing, Microsoft “The safest houses don’t just have locked doors, they have well-lit entry points and advanced security systems. It’s the same with computer security – the more we layer our defenses the better we are at thwarting attacks.”
According to Microsoft’s new data, one of the most common tactics used was deceptive downloads; which are identified as a top threat in 95 percent of the 110 countries/regions that Microsoft’s data examined. With deceptive downloads, the infected machines often continue to function, and the only observable signs of the malicious download might be a slower computer or unexpected search results popping up in a browser. Over time, fraudulent activity like click fraud generated from the infected computer can tarnish an individual’s online reputation.
“Of serious concern in Africa is the threat posed from illicit software downloaded from the internet, which is infected with malware deliberately bundled by cybercriminals,” says Daniel Kamau Anti-piracy Lead for sub-Saharan Africa. “With the internet population on the continent fast-growing, downloading software online is a popular alternative but can have serious consequences if it’s not legitimate,”
Ransomware, another deceptive practice, often pretends to be an official-looking warning from a well-known law enforcement agency. It accuses its victim of committing a computer-related crime and demands they pay a fine to regain control of the computer. the top ransomware threat encountered globally increased by 45 percent between the first half and the second half of 2013.
Microsoft advises customers take actions to help keep themselves protected, including: using newer software whenever possible and keeping it up to date, only downloading from trusted sources, running antivirus, and backing up files.
“Migrating to Windows 8.1 gives users a chance to modernize their business, and prevent their systems from being attacked by malicious software. The End of support service is an opportunity for users to build a secure and robust working ecosystem to avoid any software compliance issues,” said Hasmukh Chudasama, Microsoft Solutions Business Manager at Dimension Data, E.A.
Microsoft releases its cyber security report twice a year, which culminates data from more than a billion systems worldwide and some of the busiest online services. To learn more about the report findings visit www.microsoft.com/sir.