A recent cybersecurity report by Kaspersky has highlighted a 53% surge in daily cyber-threats targeting Microsoft Office during 2023.
The report also revealed an average detection of 411,000 malicious files per day this year, indicating an overall uptick of almost 3% compared to the previous year.
Kaspersky’s research signals a shift in cybercriminals’ tactics, emphasizing Microsoft Office and other document formats as prime targets.
The increase in malicious files within document formats such as Microsoft Office and PDF, totaled around 24,000 files. This spike is associated with a rise in phishing attacks utilizing deceptive PDF files designed to extract sensitive data.
While Trojans remain the most prevalent malware, the report notes a substantial rise in backdoor usage. Daily backdoor detections have escalated from 15,000 files in 2022 to 40,000 in 2023, indicating an increased threat of cybercriminals gaining remote control over victims’ systems.
Read more on Trojans: GoldDigger Android Trojan Drains Victim Bank Accounts
Vladimir Kuskov, head of anti-malware research at Kaspersky, stressed the evolving cyber-threat landscape.
“The cyber-threat landscape continues to evolve, becoming more dangerous year after year. Adversaries continue to develop new malware, techniques and methods to attack organizations and individuals,” the executive said.
According to Kuskov, the annual increase in reported vulnerabilities is accompanied by the unabated utilization of these vulnerabilities by threat actors, including ransomware gangs.
Moreover, the lowering entry barrier to cybercrime is attributed to the widespread adoption of AI. Attackers leverage AI to craft more convincing texts in phishing messages, exemplifying its role in facilitating cyber-threats.
“In these times, it is essential both for large organizations and for every regular user to embrace reliable security solutions,” the security expert added.
In light of these increasing threats, Kaspersky also advised users to stay vigilant. Additional recommendations include avoiding untrusted app sources, refraining from clicking on dubious links and creating strong, unique passwords with two-factor authentication (2FA). Regular updates are crucial, and messages prompting security system disablement should be ignored.
Image credit: monticello / Shutterstock.com