Kaspersky Security Bulletin 2024: Surge in Cyber Threats and Malware Activity

2024 Sees 14% Increase in Malicious File Detections; Windows Remains Primary Target for Cyberattacks

Kaspersky’s detection systems uncovered an alarming rise in cyber threats in 2024, identifying an average of 467,000 malicious files daily—a 14% increase compared to the previous year. This surge highlights the growing sophistication and volume of cyberattacks, with certain types of threats, such as Trojans, experiencing a significant increase.

The Kaspersky Security Bulletin (KSB), an annual report on key cybersecurity trends, reveals that Trojans saw a 33% rise in detections from 2023 to 2024. This reflects broader trends of increasing threat complexity, with cybercriminals evolving their techniques to breach systems and gain unauthorized access to sensitive data.

Key Threat Trends Identified

• Windows Targeted: Windows operating systems continued to be the primary target for cybercriminals, with a staggering 93% of all detected malware targeting Windows-based devices.
• Trojan Detections: The detection of Trojan malware has become a growing concern, showing a 33% surge compared to the previous year. This trend highlights a shift in cyberattack strategies, with cybercriminals deploying Trojans to infect systems silently and steal sensitive data.
• Trojan Droppers: One of the most concerning findings was the 150% increase in Trojan droppers. These malicious programs are designed to stealthily introduce additional malware onto victim devices, creating multiple entry points for attacks without the user’s awareness.
• Malicious Use of Office Documents: Microsoft Office document formats and various scripts have also emerged as common delivery methods for malicious payloads, making up 6% of all malicious files detected daily. These threats typically exploit trusted software to deceive users into executing harmful code.
• AI-Powered Threats: The rise of AI-assisted cyberattacks has become a notable trend in 2024. Cybercriminals have begun leveraging artificial intelligence tools to automate malware generation and facilitate phishing schemes, making attacks more effective and harder to detect.

Vulnerabilities in Trusted Relationships and Supply Chains

According to Vladimir Kuskov, Head of Anti-Malware Research at Kaspersky, 2024 saw a marked increase in cyberattacks targeting trusted relationships and supply chains, including well-known incidents like the XZ case, which involved attacks on open-source software packages. These types of attacks are particularly dangerous because they exploit the trust inherent in business partnerships and software dependencies.

Kuskov also pointed out the widespread rise in phishing campaigns and banking malware, further underlining the evolving threat landscape. As adversaries continue to refine their strategies, the number of new threats grows annually, making it increasingly difficult for users and organizations to stay ahead.

How to Stay Protected

With the threat environment growing more complex, Kaspersky offers the following recommendations to help both individual users and businesses safeguard their systems:

1. Avoid Untrusted Sources: Refrain from downloading and installing applications or files from unreliable or unverified sources, as they often harbor malware.
2. Enable Two-Factor Authentication (2FA): Whenever available, use 2FA to add an extra layer of protection for your accounts.
3. Use Strong, Unique Passwords: Create passwords with a mix of lower and upper case letters, numbers, and special characters. Consider using a password manager to generate and store complex passwords securely.
4. Install Updates Promptly: Always install system and software updates as soon as they are released, as they often include critical security patches.
5. Use Comprehensive Security Software: Kaspersky recommends using a reliable, comprehensive security solution such as Kaspersky Premium, which provides advanced protection against a wide array of cyber threats, including ransomware, phishing, and Trojans.

The Growing Threat Landscape

As we look to 2025, the cyber threat landscape is likely to continue evolving with increasing use of AI, targeted attacks on trusted software ecosystems, and advanced malware techniques. Staying informed about emerging threats and implementing proactive security measures are key to mitigating these risks.

Kaspersky continues to be at the forefront of identifying and combating the latest cyber threats, ensuring that both individuals and organizations are equipped with the tools and knowledge to stay secure in an increasingly hostile digital world.