Malware Statistics 2020: A look at Malware Trends by the Numbers
Having a personal computer, tablet, or smartphone is amazing. Most of us these days store all kinds of digital media and data, whether that’s songs or bank records, and we may not spare much thought to how safe all that information is. The truth is that all digital information is at risk from malware, and not protecting yourself appropriately could mean disaster. What’s malware? How prevalent is it? How can you protect yourself? We’ve got everything you need to know right here.
What is Malware?
Malware is a very broad term. Basically, malware is a disease for computers. And just like with diseases, there are many different kinds of malware. Malware is an umbrella term that refers to any programme or code that can harm your digital devices. The main kinds of malware that most of us are familiar with are:
- Viruses: A virus is a harmful piece of code that enters your computer through being downloaded, or when you click a link. Viruses come in many shapes and forms and can have many effects on your device.
- Spyware: Spyware is a particular kind of programme that enters your device (again, through being unintentionally downloaded or by you clicking on a bad link). Spyware watches what happens on your device and can capture information such as passwords or bank account numbers. It may also turn on your webcam and use this to watch what you type or to catch you doing something that might be embarrassing if others saw the video…
- Ransomware: Ransomware is a programme that enters your device (again, downloading, link clicking) and holds your device hostage. The programme will threaten to destroy your information unless you pay a ransom (which is generally in the form of Bitcoin nowadays, though it may be a wired amount of money).
The term malware is a shortened version of the phrase “malicious software” and rather obviously, you’d rather that your devices weren’t infected!
What Are the Consequences of Having Malware?
Because malware refers to so many different kinds of bad programmes there are many potential consequences to your device becoming infected. These range from the mildly inconvenient to the truly disastrous. Possibly outcomes for devices infected with malware are:
- Your device runs more slowly and less efficiently
- Your data becomes corrupt so you can’t access it
- Your data disappears entirely
- Your passwords are stolen, which can lead to many things such as having money stolen from your online bank account, thieves using your saved credit card to buy things through online platforms like Amazon, or even to having your identity stolen so that thieves can use your identity to get credit cards and take out loans
- You’re forced to pay money in order to retrieve your data, or in order that thieves don’t show compromising video or information to the public (a common threat is to email a video or picture to everyone you’re friends with on Facebook)
- Your device becomes completely unusable and needs to be replaced
- You lose sensitive information that may affect not just you personally but others you know and even your job
No, these risks aren’t overstated. There are some very severe consequences to having a malware infected device.
The scary thing is that malware is a huge problem in the IT community. One that effects personal users, companies, even big businesses like Facebook and antivirus companies. The threat cannot be underestimated, and the numbers get pretty terrifying. Each year, Malwarebytes, a company devoted to protecting against and eliminating malware, releases an annual report on the state of malware. Their report for 2018 contains the following huge numbers:
- There were 750 million malware attacks detected on personal computers in 2018
- There were 75 million malware attacks detected on business or company servers in 2018
Those are some pretty impressive numbers. Additionally, Malwarebytes breaks down the most common kinds of malware found for personal users in 2018. The top five, in order of the most common threat to the least common, are:
- Adware: a kind of malware that makes advertisements pop up on your screen without your permission
- Trojan Viruses: a kind of virus that’s packed inside a legitimate programme and that can be used to gain access to your device and your data. Because they’re generally put into software that’s legitimate and that you want to download they’re particularly easy to get.
- Riskware Tool: a kind of tool that hackers implant into your system and then can use against you.
- Backdoor: a programme that enters your device and “leaves the backdoor open” so that hackers can get into your system.
- Hacktool: similar to Riskware Tool, a tool that hackers send into your system that they can then use against you.
In addition to this information, there are more pertinent statistics about malware below:
- 20% of malware comes from China, 11% from the Russian Federation, so hackers aren’t necessarily in your backyard
- In terms of apps (for both phones and computers), lifestyle apps are the most likely to give you malware. 27% of app malware comes from lifestyle apps, a further 20% come from music and audio apps
- The most common way for users to get malware in 2017 was through phishing emails which look legitimate and lead to you downloading something unsavoury or clicking a malicious link
- In 2017 there was a rise of 88% in the kinds of malware detected, meaning that hackers are changing malware frequently to make it more difficult for anti-virus programmes to detect
- One out of every 13 internet requests (searches, links, etc.) leads to malware
- Around 24,000 malicious apps get blocked every day
- The average cost of cybercrime (including damages, money lost, etc.) rose by a whopping 27% in 2017
- The average cost for a victim of malware is $141 (£111), though obviously, some lose less than this and others lose far, far more
Perhaps the most important take home here is that malware attacks are increasing exponentially over time. According to AV-Test.org, an organisation devoted to protecting against malware, rates are rising incredibly, with the following numbers reported over the last five years:
- 470 million in 2015
- 5 million in 2016
- 719 million in 2017
- 857 million in 2018
- 907 million in 2019 (projected)
Finally, here are a few more frightening statistics, gleaned from safeatlast, a site that records malware versions and statistics:
- 350,000 malware versions are identified every day
- A new malware programme is released every seven seconds
- Malware activity has increased by 61% over the last year
- The cost of malware attacks is going up to, with companies and people losing around 11% more money in 2018 than in the previous year
- 82% of malware comes through legitimate sites that have been hacked
- Mac users aren’t safe! There’s been a 270% increase in malware attacks on Apple systems over the last year
Who is Affected by Malware?
For once, this is actually a really easy question to answer. Everyone is affected by malware. Everyone is at risk. Yes, those who don’t run up to date anti-virus software are more at risk, but frankly, anyone can get attacked by malware. Malware versions change exceptionally quickly, meaning that even the most up to date anti-virus programmes may not be able to recognize the most recent malware versions. You can lower the risk, but you can’t eliminate it completely (unless you don’t go online at all).
One of the main reasons that there’s no real “risk group” here is that hackers don’t tend to target individuals. They perform mass or block attacks, meaning that a phishing email, for example, will get sent to tens of thousands of people in the hope that at least a few people will fall for it.
How Do I Know If I Have Malware?
The most common way to know that you have malware is because your anti-virus programme alerts you to the fact that you do and that the problem is being fixed. However, not all malware gets caught immediately, and not everyone runs up to date anti-virus software. Here are some signs that your device might be infected:
- Your device slows down (this happens because malware is running in the background, reducing your speed)
- You get tons of ads popping up on your screen in a way that normally doesn’t happen
- Your device keeps crashing or freezing
- Your available memory starts to shrink (you can check how much memory is being used through the control panel of your computer or tablet or through the settings menu of your phone) for no reason, meaning you haven’t just downloaded a ton of music, for example
- Your device’s activity is “off.” Maybe the device shows as online when it isn’t, maybe your computer fans start working when they shouldn’t be, but your device just isn’t acting in the way it normally does
- New things start to happen. Your homepage changes when you access the internet, your toolbar looks different, things just don’t look right
- Your anti-virus stops working because malware has disabled it. Perhaps you no longer get that pop up once a day that tells you you’re virus free, or telling you to upgrade to a better version, you notice that your anti-virus programme no longer communicates with you
- And finally, there’s the truly obvious sign: someone contacts you to tell you that you have a virus. This tends to happen in ransomware cases, where hackers contact you telling you to pay up.
Wait, How Did I Get Malware?!
There are many ways that you can get malware. However, it all generally boils down to one thing: you accessed something that you shouldn’t have. Perhaps you visited a website that wasn’t exactly reputable, perhaps you clicked a link or downloaded something that directed you towards a site or that gave you malware. There’s no one way that this is going to happen, meaning it’s extra tough to protect yourself. In general, though, you probably got malware through clicking a link, downloading a file or app, or visiting a website that came from a non-trusted source, meaning a source that you’re not familiar with.
What Do I Do If I Have Malware?
In nearly all cases getting rid of malware is fairly easy as long as you detect it early. You don’t need to be a tech wizard either. You should take the following steps:
- Download a decent and reputable malware detection software. Malwarebytes is the most frequently used programme, but there are others both paid and free. Just ensure that you’re going with a programme that has good, legitimate reviews (or risk downloading even more malware!)
- Install the programme and run a scan, following all the instructions that you’re given. This should be enough to remove malware from your system, but you’re not quite done yet…
- Go through and change ALL your passwords, including the password to your device as well as all account passwords. Since you don’t know how much information on your device may have already been compromised you need to protect against further attacks.
If the above has not worked for you then you need to turn to the professionals. The longer you leave malware active, the more damage it will do, so it’s not a good idea to experiment with fixing your problems yourself. If commercially available anti-malware programmes haven’t done the job then take your device to a qualified repair service ASAP.
If you get communication from a hacker demanding money or Bitcoin in order to prevent something happening (your device being wiped, incriminating pictures being sent to Facebook friends, that kind of thing) then do run the above anti-malware programme. However, you should also report the threat to ActionFraud, the UK police’s cybercrime division. You will receive professional help from them if you call their emergency number at 0300 123 2040.
How Can I Protect Myself Against Malware?
There are no guarantees when it comes to malware. You can’t 100% protect yourself, but you can certainly lower the risk of a device getting malware significantly by practising safe online and device behaviours, including the following:
- Run anti-virus and anti-malware programmes on your devices, schedule regular scans of your system (at least once a week)
- Do NOT ignore messages that say you need to update your anti-virus or anti-malware programme! Frequent updates are necessary so that programmes can recognise the newest threats
- Do not access websites that you are completely unfamiliar with. If you’re not especially web-savvy make sure that your web browser is also running anti-virus software (McAfee, for example, will scan websites and downloads for malware)
- Do not click on links or download attachments in emails unless you are 100% sure of the source. Be aware that companies can get hacked or spoofed, so even if an email looks legitimate it might not be (see our article on phishing for more info on this)
- Do not download apps or programmes that you aren’t completely sure about. Look for customer reviews before downloading to try and ensure that programmes or apps are trustworthy.
- Do not download apps outside of your regular app store
- Never click on pop up ads that appear in your internet browser
Malware: The Bottom Line
Malware is a rapidly increasing problem for all device users, whether you’re on a computer, tablet or mobile phone. The potential consequences of a malware infection can be huge, and if nothing else, you’ll certainly be inconvenienced by a slow device. You can’t completely eliminate the threat of infection. But by being cautious and using good judgement, as well as keeping your device and anti-virus/anti-malware programmes up to date, you can minimise the threat against you.
In the modern world, we depend on our electronic devices. But as more and more information is stored digitally, we have to become more aware of potential threats against those devices. Being informed is the first step, after that, it’s up to you to make sensible decisions when online.