In the last two years, malicious programs like WannaCry, Petya and Ryuk have made it abundantly clear that malware and cyberattacks are entirely capable of bringing companies with inadequate cybersecurity to the brink of a shutdown and even driving them to bankruptcy.

During 2018, the Hornetsecurity Security Lab noticed a massive increase in emails with harmful attachments. The Emotet, Hancinator, Zeus and Trickbot trojans gave companies particular cause to be wary – in terms of email volume, these were among the biggest malware campaigns of 2018. A breakdown of malware attacks and their monthly incidence throughout 2018 is shown in the infographic. Hornetsecurity has analyzed the individual campaigns and painted a clear picture of what formats and files were concealing malicious software.

Malware is now the biggest threat to businesses, as according to the BSI (Federal Office for Information Security) report on “The State of IT-Security in Germany 2018”, 57 percent of all recorded cyberattacks can be traced back to malware infections. Email communication is the main method of transmission – masquerading as a harmless email, malware may be hiding in an attached Office file, for instance.

Ransomware, cryptominers, and spyware can lurk in Word documents as well as behind web links, and are among the varieties of malware most favored by cybercriminals. While malware sent via indiscriminate mass email (also known as spam) has declined sharply in recent years, businesses in particular are more and more often subjected to targeted and complex attack campaigns. Hackers are increasingly using social engineering and spear phishing to sneak malware onto company operating systems.

Over the last two years, the proportion of all recorded email traffic that is infected with malware has risen to around 1.3 percent. When dealing with a volume of 1,000 emails per day, that means at least 13 emails will contain malware; for a company that receives several thousand emails a day, it means that without adequate email security, the risk of falling victim to a malware attack is extremely high. After all, this is a particularly lucrative approach for cybercriminals. The German industry alone lost a total of around EUR 43 million due to malicious software in 2017 and 2018.

Developments such as growing connectivity and changing communication platforms will likely increase malware attacks and associated losses even further. Cyber risks are among the greatest dangers of going digital. Ransomware, one of the most widespread types of malware, is a particularly promising source of profit for hackers. . The fear of negative PR and the potentially far-reaching consequences inadequately protecting internal data is too high.

The last few years show a clear trend in the spread of malware: attacks will continue to proliferate. Until companies consider email and cybersecurity a necessary requirement in safely maintaining corporate communication and operational processes, cybercriminals will keep cashing in at their expense.