Cybersecurity services multinational Kaspersky's detection systems discovered an average of 403 000 new malicious files daily between January and October 2022, indicating 5% growth compared with 2021.

The number of certain types of threats also escalated, such as the 181% increase in the proportion of ransomware detected daily.

Kaspersky’s researchers discovered that the share of ransomware encountered daily reached 9 500 encrypting files. Among other threats, Kaspersky security solutions also detected a 142% increase in the share of Downloaders, which are malicious programs that install new versions of malware or unwanted applications on infected devices.

In total, Kaspersky’s systems detected about 122-million malicious files in 2022, six-million more than in 2021.

Further, Windows continued to be the prime target of attacks among all platforms where threat families were spread. In 2022, Kaspersky experts discovered an average of nearly 320 000 malicious files attacking Windows devices. Out of all malicious files spread, 85% of them targeted Windows.

However, Windows is not the only popular platform for attackers. In 2022, Kaspersky's detection systems also discovered that the share of malicious files in Microsoft Office formats distributed daily doubled, reaching 236% of growth.

Additionally, in 2022, Kaspersky experts identified a 10% increase in the share of malicious files targeting the Android platform every day. Therefore, Android users have also become some of the favourite targets of fraudsters. The infamous 2022 campaigns Harly and Triada Trojan, which ambushed thousands of Android users around the world, are prime examples of this trend, the company said.

“Considering how quickly the threat landscape is expanding its boundaries and the number of new devices appearing in users’ daily lives, it is quite possible that in 2023 we'll be detecting not 400 000 malicious files per day, but half a million,” noted Kaspersky anti-malware research head Vladimir Kuskov.

“Even more dangerous is that, with the development of Malware-as-a-Service, any novice fraudster can now attack devices without any technical knowledge in programming. Becoming a cybercriminal has never been so easy.

“It is therefore essential not only for large organisations but also for every ordinary user to employ reliable security solutions to avoid falling victim to cybercriminals. Kaspersky experts, in turn, will do their best to protect against these threats and save users from losses so that their daily online experience is completely safe,” he stated.

Kaspersky recommends that organisations always keep software updated on all devices used to prevent attackers from infiltrating networks by exploiting vulnerabilities, and to establish the practice of using strong passwords to access corporate services and use multi-factor authentication for access to remote services.

Organisations are also encouraged to choose a proven endpoint security solution that is equipped with behaviour-based detection and anomaly control capabilities for effective protection against known and unknown threats, and to use a dedicated set for effective endpoint protection, threat detection and response products to timeously detect and remediate even new and evasive threats, he adds.

Additionally, organisations should use the latest Threat Intelligence information to stay aware of the actual tactics, techniques and procedures used by threat actors.

To stay protected, Kaspersky also recommends that business employees and consumers do not download and install applications from untrusted sources and do not click on any links from unknown sources or suspicious online advertisements.

Further, users must create strong and unique passwords, including a mix of lower-case and upper-case letters, numbers and punctuation, as well as activating two-factor authentication, and always install updates, as some of them may contain critical security issue fixes.

Users should also ignore messages asking to disable security systems for office or cybersecurity software, and use a robust security solution appropriate to the user's system type and devices, Kuskov recommended.