08 May 2014

Cybercriminals Devise New Tricks to Dodge Security, Microsoft Says

As security solutions grow more efficient, cyber criminals are shifting to more sophisticated “deceptive” tactics, including malicious downloads and ransomware, according to a cybersecurity report from Microsoft.

Real-time security software is successfully protecting more than three-quarters of Internet-connected PCs worldwide so cyber attackers have been forced to develop new techniques, Microsoft says.

In the second half of 2013, malicious downloads were the most frequent type of malware in 95% of the 110 countries analyzed. Cybercriminals are tricking people into installing malware by bundling it with legitimate content downloaded online.

The most frequent ransomware threat, Reveton, showed a 45% global increase between the first and second half of 2013.

In the past three years, the number of exploitable vulnerabilities exploited in Microsoft products has decreased due to DEP and ASLR, two technologies that stop attackers from directly executing data as if it were code. The riskiest vulnerability comes from zero-day exploits, discovered before the publisher of the affected software can release a security update, Microsoft says.

Denmark, Finland, Iceland, Norway, Sweden and Japan were the countries least exposed to malware while Brazil, Russia, and France saw higher malware rates.