IMPAKT: Defending against (un)known ransomware


Transcript of IMPAKT: Defending against (un)known ransomware

Page 1: IMPAKT: Defending against (un)known ransomware

Looking Back: 20 Years of Malware Evolution

MALWARE EVOLUTION

Page 2:

The evolving threat landscape

THE SCALE OF THE THREAT

1994: 1 NEW VIRUS EVERY HOUR

2006: 1 NEW VIRUS EVERY MINUTE

2011: 1 NEW VIRUS EVERY SECOND

2016: 310,000 NEW SAMPLES EVERY DAY

Page 3:

Main Figures and Statistics

IT THREAT EVOLUTION: Q1 2016

Page 4:

MAIN STATISTICS Q1 2016

Kaspersky Lab solutions repelled 228,420,754 attacks launched from online resources located all over the world.

74,001,808 unique URLs were recognized as malicious by web antivirus components.

Crypto ransomware attacks were blocked on 372,602 computers of unique users.

Kaspersky Lab mobile security products detected:

2,045,323 installation packages

4,146 new malicious ransomware trojans

2,896 mobile banking Trojans

Page 5:

VULNERABLE APPLICATIONS USED BY CYBERCRIMINALS

The top position in the Q1 2015 rankings was occupied by the Browsers category (64%), which includes exploits targeting Web Browsers. This category was also at the top of the rankings in the last three quarters of 2015.

In Q1 2016, exploits for Adobe Flash Player remained popular. During the reporting period two new vulnerabilities in this software were detected: CVE-2015-8651 and CVE-2016-1001. The first exploit pack to add support for these vulnerabilities was Angler.

One notable event in the first quarter was the use of an exploit for Silverlight - CVE-2016-0034. At the time of publication, this vulnerability is used by the Angler and RIG exploit packs.

Page 6:

Main Figures and Statistics

MOBILE THREATS: Q1 2016

Page 7:

MOBILE THREATS – MAIN STATISTICS Q1 2016

Kaspersky Lab detected 2,045,323 malicious installation packages – this is 11 times greater than in Q4 2015, and 1.2 times more than in Q3 2015.

Page 8:

MOBILE THREATS – MAIN STATISTICS Q1 2016

In Q1 2016, adware programs continued to top the rating of detected malicious objects for mobile devices. The share of adware programs grew 13 p.p. compared to Q4 2015, and reached 42.7%. Notably, this is lower than in Q3 2015 (52.5%).

Page 9:

MOBILE BANKING TROJANS

Over the reporting period, we detected 4,146 mobile banking Trojans, which is 1.7 times more than in the previous quarter.

(percentage of all users attacked)

Page 10:

Current Topics

MALWARE INCIDENTS

Page 11:

KASPERSKY SECURITY FOR MOBILE

Proactive security, management and control layers for mobile endpoints

Mobile Security

• Multi-layered anti-malware

• Web Protection

• Rooting/jailbreak detection

Mobile Device Management

• Exchange ActiveSync

• iOS MDM

• Samsung KNOX

Mobile Application Management

• App wrapping

• App Control

• Selective Wipe

Anti-theft protection

• Lock/wipe

• Locate/Alert/Photo

• SIM Watch

Self Service Portal

• BYOD possible

• Certificate retrieval

• Anti-theft protection

Centralized management

• All major mobile platforms

• Other IT security domains

Page 12:

RANSOMWARE – PROBLEM OF THE YEAR?

2016 has only just got underway, but the first three months have already seen the same number of cyber-security events that just a few years ago would have seemed normal for a whole year. The main underlying trends remained the same, while there was significant growth in trends related to traditional cybercrime, especially mobile threats and global ransomware epidemics.

Ransomware became the main theme of the quarter after knocking targeted attacks from the top of the most popular threat rating. Unfortunately, this is a situation that will continue to evolve, and those behind the extortion could well end up being named "problem of the year".

Page 13:

RANSOMWARE

The overall number of encryptor modifications in our Virus Collection to date is at least 15,000. Nine new encryptor families and 2,900 new modifications were detected in Q1.

In Q1 2016, 372,602 unique users were attacked by encryptors, which is 30% more than in the previous quarter. Approximately 17% of those attacked were in the corporate sector.

(Figures: number of ransomware samples in our collection; number of users attacked by ransomware)

Page 14:

APPLICATION CONTROL - WHITELISTING

Application Startup Control

Application Privilege Control

Vulnerability monitoring

Behavioral analysis

Cloud whitelists

Local whitelists

Page 15:

TELEWORKING

Organizations that allow teleworking should issue a policy that defines the conditions and restrictions for teleworking.

Device Control

Application Control

Web Control

Page 16:

MEDIA HANDLING

Your organization must have procedures for managing removable media on which personal data is stored and which may leave your organization's security perimeter. This also includes the removable media in equipment such as multifunction printers and copiers.

Your organization must determine the measures needed to protect physical media (including paper documents) containing personal data against unauthorized access, misuse or corruption during transport.

Page 17:

PROTECTION AGAINST MALWARE

To protect against malware (prevention, detection and removal/recovery), your IT department should install and regularly update anti-malware and recovery software, with computers and media being scanned as a precaution or on a routine basis.

The scan performed should, among other things:

• scan all files received via networks or via any form of storage medium for malware before use;

• scan attachments and downloads for malware before use, at several critical points in your network configuration (mail servers, computers, network access...);

• scan web pages for malware.

Accurate and informative warning messages in the event of a real threat can increase user awareness.

Page 18:

MOST TESTED. MOST AWARDED. KASPERSKY LAB PROTECTION.*

(Chart: score of TOP 3 places versus N of independent tests/reviews. Vendors plotted: Bitdefender, Sophos, G DATA, Symantec, F-Secure, Intel Security (McAfee), Trend Micro, Avira, Avast, AVG, ESET, Quick Heal, Microsoft, Panda Security, BullGuard, Kaspersky Lab.)

Kaspersky Lab: 1st places – 60; participation in 94 tests/reviews; TOP 3 = 82%

In 2015 Kaspersky Lab products participated in 94 independent tests and reviews. Our products were awarded 60 firsts and achieved 77 top-three finishes.

* Notes:

• According to summary results of independent tests in 2015 for corporate, consumer and mobile products.

• Summary includes independent tests conducted by: AV-Comparatives, AV-Test, Dennis Technology Labs, MRG Effitas, NSS Labs, PC Security Labs, VirusBulletin.

• Tests performed in these programs assess all protection technologies against known, unknown and advanced threats.

• The size of the bubble reflects the number of 1st places achieved.

Page 19:

IN DETAIL

TOTAL

• Web

• Collaboration

• Mail

ADVANCED

• Vulnerability Assessment

• Inventories & License Control

• Software Distribution

• Patch Management

• OS Deployment

• Data Protection / Encryption

SELECT

• Mobile Application Management

• Mobile Device Management

• Device Control

• Application Control

• Web Control

• File server security

• Mobile Endpoint Security

CORE

• Anti-malware + firewall

Kaspersky Security Center

Cloud support via the Kaspersky Security Network (KSN)

Endpoint, Management, Infrastructure