Petya GDATA Ransomware

As 2019 draws to a close, there appears to be good news in the desktop security world. A Microsoft report (via ZDNet) suggests malware, ransomware, and cryptominer infections have fallen since last year.

“Some potential reasons for the overall decrease in malware encounter rates in 2018 are the growth in adoption of Windows 10, and increased use of Windows Defender for protection,” said the company.

The average encounter rate for malware fell from 4.40% in October 2018 to 3.21% in 2019. Year-over-year month comparisons to March show a more drastic 4.33% change. On average, 2018 saw a 5.07% encounter rate versus 2019’s 3.31%.

Though we’re talking about single-digit percentages here, the differences could mean millions of safer users. Ransomware had an average encounter rate of 0.05% last year but fell to 0.03% this year. Microsoft puts this down to attackers realizing that victims are refusing to pay ransoms, instead restoring from backups.

Crypto Down, Phishing Up

Cryptominers, meanwhile, had an average encounter rate of 0.12% last year, and 0.05% this. That’s a significant drop, and Microsoft believes infections generally relate to the price of popular cryptocurrencies.

Unfortunately, it’s not all good news. Microsoft has seen an uptick in the number of detected phishing emails, from 0.39% in October 2019 to 0.65% in 2019. We have seen a number of noteworthy email campaigns in recent times, from Excel to Office 365 admins.

“Attackers will continue to use and advance their social engineering techniques because of the success they’ve had with them,” says the report. “We see attackers using domain name spoofing – to impersonate emails to look like they’re coming from known brands or colleagues, and catchy subject lines as successful methods to get users to click open emails. Very targeted spear phishing has proven to be a successful approach, especially in business email compromise scams.”

Either way, the general trend over time appears to be increased education of users and more accurate anti-virus solutions. Of course, the data set for this year isn’t entirely complete, so we should see a more robust analysis from Microsoft in early 2020.