December 01, 2022

Cybercriminals attack users with 400,000 new malicious files daily – that is 5% more than in 2021

In 2022, Kaspersky’s detection systems discovered on average 400,000 malicious files distributed every day, indicating a 5% growth compared to 2021. The number of certain types of threats also escalated: for example, Kaspersky experts discovered the 181% increase in the proportion of ransomware detected daily. These and other findings are part of Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts within the cybersecurity world.

Kaspersky’s detection systems discovered an average of 400,000 new malicious files daily over the past 10 months. By comparison, about 380,000 of these files were detected every day in 2021, demonstrating a 5% jump. In total, Kaspersky’s systems detected approximately 122 million malicious files in 2022, 6 million more than last year.

Average daily number of malicious files detected by Kaspersky security solutions from 2019 to 2022 (1^st January – 31^st October)

Kaspersky’s researchers discovered that the share of ransomware encountered daily increased by 181% compared to 2021, reaching 9,500 encrypting files per day. Among other threats, Kaspersky security solutions also detected the 142% growth in the share of Downloaders – malicious programs that install new versions of malware or unwanted applications on infected devices.

Windows continued to be the prime target of attacks among all platforms where threat families were spread. In 2022, Kaspersky experts discovered an average of nearly 320,000 malicious files attacking Windows devices. Out of all malicious files spread, 85% of them targeted Windows. However, Windows is not the only popular platform for attackers. This year, Kaspersky's detection systems also discovered that the share of malicious files in Microsoft Office formats distributed daily doubled (236% of growth).

In 2022, Kaspersky experts also identified a 10% increase in the share of malicious files targeting the Android platform every day. So, in addition to Windows and Office files, Android users have also become some of the favorite targets of fraudsters. The infamous 2022 campaigns Harly and Triada Trojan, which ambushed thousands of Android users around the world, are prime examples of this trend.

“Considering how quickly the threat landscape is expanding its boundaries and the number of new devices appearing in users’ daily lives, it's quite possible that next year we'll be detecting not 400,000 malicious files per day, but half a million! Even more dangerous is that, with the development of Malware-as-a-Service, any novice fraudster can now attack devices without any technical knowledge in programming. Becoming a cybercriminal has never been so easy. It is essential not only for large organizations but also for every ordinary user to employ reliable security solutions, thus avoid falling a victim of cybercriminals. Kaspersky experts, in turn, will do their best to protect against these threats and save users from losses so that their daily online experience is completely safe,” comments Vladimir Kuskov, head of anti-malware research at Kaspersky.

To learn more about the growth of malicious activity, read the full analytical report on Statistics of the Year at Securelist.com

These findings are part of Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts within the cybersecurity world. Follow this link to learn more about other KSB pieces.

To stay protected, Kaspersky also recommends users the following:

Do not download and install applications from untrusted sources
Do not click on any links from unknown sources or suspicious online advertisements
Create strong and unique passwords, including a mix of lower-case and upper-case letters, numbers, and punctuation, as well as activating two-factor authentication
Always install updates. Some of them may contain critical security issue fixes
Ignore messages asking to disable security systems for office or cybersecurity software
Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security or Kaspersky Security Cloud. It will tell you which sites shouldn’t be open and protect you from malware

To stay safe, Kaspersky recommends organizations to:

Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
Establish the practice of using strong passwords to access corporate services. Use multi-factor authentication for access to remote services.
Choose a proven endpoint security solution such as Kaspersky Endpoint Security for Business that is equipped with behavior-based detection and anomaly control capabilities for effective protection against known and unknown threats.
Use a dedicated set for effective endpoint protection, threat detection and response products to timely detect and remediate even new and evasive threats. Kaspersky Optimum Security the essential set of endpoint protection empowered with EDR and MDR.
Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more atwww.kaspersky.com.