In 2024, for cybersecurity, we’re entering an era where advanced AI tools and escalated social engineering tactics (especially during election years) are changing the game. To avoid potential cyber threats, businesses, governments and individuals must grasp these emerging trends.
1. Rise Of Cybersecurity AI
In 2024, AI’s role in cybersecurity will expand to encompass automated responses and predictive analytics. It’s mainly about taking preventive measures in advance….
Integrating AI into cybersecurity applications can improve threat detection and incident response. For instance, AI can identify anomalies or deviations that may indicate potential security threats. Previously unseen attacks can be detected.
With cyberattacks becoming more sophisticated, AI’s ability to analyze vast datasets and identify patterns will be pivotal. Since AI has become a major part of cyber criminals’ toolkit, AI is expected to become a mainstay in cybersecurity solutions.
2. Election Year Disinformation
Election years provide fertile ground for social engineering and disinformation campaigns, and there’s no reason to believe 2024 will be an exception. As political tensions rise, so do efforts to manipulate public opinion and undermine democratic processes.
Americans lost $10.3 billion to online scams in 2022, which also emphasizes the need for ongoing employee security awareness training that includes exercises to help identify social engineering tactics and phishing attempts. The use of open-source intelligence tools (OSINT) to root out network vulnerabilities is recommended as a preventive measure to combat threat actors.
3. Escalation Of Ransomware Attacks
Ransomware remains a formidable threat in 2024, with tactics becoming increasingly complex and negotiations more aggressive. According to Cybersecurity Ventures, damages from cybercrime are projected to exceed $10.5 trillion globally by 2025.
This alarming escalation calls for robust backup strategies, employee training, cyber insurance, negotiation expertise and incident response plans. Companies can follow the example of external performing tasks such as penetration testing, validating network integrity, identifying unauthorized activity and monitoring for suspicious behavior.
Leveraging AI, cybercriminals can prey on human weaknesses such as impulsiveness, greed and curiosity to more convincingly create personalized phishing campaigns at scale. AI-facilitated social engineering attacks have been reported to the FTC.
This emerging trend underscores the need to perform AI risk assessments and to consider outsourcing expertise to a virtual AI officer who can step into the role and run AI-resistant security protocols.
5. National U.S. Data Privacy Act
The progression of data privacy regulations—beginning with the European Union’s General Data Protection Regulation (GDPR) and extending to California’s Consumer Privacy Act (CCPA)—is paving the way for establishing a national data privacy act in the U.S. called the American Data Privacy and Protection Act.
The burgeoning cannabis industry, particularly retailers, is increasingly vulnerable to cyberattacks as they transition to digital platforms. Banks and credit card services could begin to accept electronic payments and ACH transfers from cannabis businesses—thanks to pending legislation making its way through Congress—and the gap between point of sale (PoS) systems and potential data breaches narrows significantly.
Human error and complacency are major risk factors, and the industry’s nascent adoption of digital technologies makes it an attractive target for cybercrime. Retail dispensaries must prioritize cybersecurity to protect their client data and financial transactions, as the sector’s so-called “green rush” also attracts the unwanted attention of threat actors.
7. Zero Trust Elevates To Boardroom Status
The concept of zero trust in cybersecurity, akin to the rise of anti-virus software in the 1990s, is set to become a staple topic in boardroom discussions in 2024. Gaining steady momentum, the implementation of zero trust is no longer a technical nicety but a business imperative.
Rooted in the principle of “never trust, always verify,” the widespread adoption of zero-trust architectures signifies a paradigm shift in security strategies, emphasizing continuous verification of every user and device, regardless of their location or network.
This strategic move elevates cybersecurity from a technical concern to a core business function, crucial for protecting organizational assets.
8. FEMA Cyber Insurance
To make a bold and unprecedented prediction, FEMA, the federal agency known for last-resort flood insurance, may eventually be called upon to serve as a model and backstop for cyber insurance policies not covered by commercial carriers.
With traditional insurance carriers withdrawing from high-risk regions like Florida due to severe climate events, there is a growing need for federal intervention. A FEMA initiative could potentially underwrite essential services like airports, hospitals, energy and water treatment plants as commercial insurance options become limited.
Conclusion
The increasing complexity of cyber threats underscoring the security trends of 2024 highlights the need for advanced mitigation strategies. Organizations will need to understand these trends, ensure they enable best practices and consider collaborating with outsourced cybersecurity expertise to navigate the security environment and ensure a robust, future-ready cyber defense.
2023: With digital transformation now realized, businesses, organizations and even governments rely on computerized and increasingly digital systems to manage their day-to-day activities, making cybersecurity a primary goal and priority for all executives and organizations of all sizes.
The 2020 pandemic year exacerbated this fact, with up to 75% of billions of people globally transitioning from their physical office (which had the IT resources and personnel) to their “home office”. This essentially made working from home, with all of the IT and HR requirements it brings for safeguarding data from online attacks and unauthorized access, the new “norm” of virtual/remote work.
Going Forward: Continuous change in technologies, including the popular Dual Authorization Password apps used primarily on the smartphone, also implies a parallel shift in cybersecurity trends and priorities across every organization, as news of data breaches, ransomware, malware, compromised devices/browsers and hacks unfortunately becomes the norm. This is driven by the growing volume of remote workers (millions worked from home before the 2020 pandemic; today it is billions). Here are the top cybersecurity trends for 2023:
1) Rise of Automotive Hacking
Modern vehicles come packed with automated software that creates seamless connectivity for drivers in cruise control, engine timing, door locks, airbags and advanced driver-assistance systems. These vehicles use Bluetooth and WiFi technologies to communicate, which also opens them to several vulnerabilities or threats from hackers. Gaining control of the vehicle or using microphones for eavesdropping is expected to rise in 2023 with more use of automated vehicles. Self-driving or autonomous vehicles use even more complex mechanisms that require strict cybersecurity measures.
2) Potential of Artificial Intelligence (AI)
With AI being introduced in all market segments, this technology, combined with machine learning, has brought tremendous changes in cybersecurity. AI has been paramount in building automated security systems, natural language processing, face detection, and automatic threat detection. The ChatGPT OpenAI capabilities are transforming any industry relating to “the written word”, including copywriting, marketing, advertising, education, and many others, all of which are being automated with AI. However, AI is also being used to develop smart malware and attacks that bypass the latest security protocols for controlling data. AI-enabled threat detection systems can predict new attacks and notify admins of any data breach instantly.
3) Mobile is the New Target
Cybersecurity trend reports show a considerable increase (50 percent) in mobile banking malware or attacks in 2020, making our handheld devices a prospective target for hackers. All of our photos, financial transactions, emails, and messages expose individuals to more threats. Smartphones are logically one of the biggest targets for anyone with the skills and agenda, primarily based on two facts:
Smartphones are used by more people globally today than PCs (personal computers)
The security of smartphones is, on average, far weaker than that of PCs
Social Media like Facebook, Instagram, and Tik Tok as well as other installed Apps of all types on smartphones/PC’s/devices are being targeted more and more each day by malicious individuals and “ransomware gangs” globally.
4) The “Cloud” i.e. Internet is Also Potentially Vulnerable
With more and more organizations now established in the cloud, security measures need to be continuously monitored and updated to safeguard data from leaks. Although cloud applications such as Google or Microsoft are well equipped with security on their end, it is the user end that acts as a significant source of errors, malicious software, and phishing attacks, today more than ever. Malicious actors across the globe are adapting faster than end users can act, especially in today’s ever so popular social media world.
5) Data Breaches: Prime target
Data will continue to be a leading concern for organizations around the world. Whether for an individual or an organization, safeguarding digital data is the primary goal now. Any minor flaw or bug in your system, browser or software is a potential vulnerability that hackers can use to access personal information. New strict measures under the General Data Protection Regulation (GDPR) were enforced from May 25th, 2018 onwards, offering data protection and privacy for individuals in the European Union (EU). Similarly, the California Consumer Privacy Act (CCPA) was applied after January 1st, 2020, for safeguarding consumer rights in the California area.
6) IoT with 5G Network: The New Era of Technology and Risks
With the advent and growth of 5G networks, a new era of inter-connectivity will become a reality with the Internet of Things (IoT).
The Internet of Things (IoT) is essentially an interconnected global network where all devices are connected to each other as well as to the “internet” 24×7. This communication between multiple devices also opens them to vulnerabilities from outside influence, attacks or an unknown software bug. Even Chrome, the world’s most used browser, supported by Google, was found to have serious bugs. 5G architecture is comparatively new in the industry and requires a lot of research to find loopholes and make the system secure from external attack.
Every step of the 5G network might bring a plethora of network attacks that we might not be aware of. Here manufacturers need to be very strict in building sophisticated 5G hardware and software to control data breaches.
7) Automation and Integration
With the size of data multiplying every day, it is evident that automation must be integrated to give more sophisticated control over the information. Modern, hectic work demands also pressure professionals and engineers to deliver quick and proficient solutions, making automation more valuable than ever. Security measures are incorporated during the agile process to build more secure software in every aspect. Large and complex web applications are even harder to safeguard, making automation as well as cybersecurity key concepts of the software development process.
8) Targeted Ransomware
Another important cybersecurity trend that we can’t ignore is targeted ransomware. Industries, especially in developed nations, rely heavily on specific software to run their daily activities. Ransomware targets are more focused today in 2023; examples include the WannaCry attack on the National Health Service hospitals in England, which corrupted more than 70,000 medical devices. Though ransomware generally threatens to publish the victim’s data unless a ransom is paid, it can also affect large organizations or even nations.
9) State-Sponsored Cyber Warfare
There won’t be any stoppage between the western and eastern powers in their attempts to find superiority. Tension between the US and Iran, or Chinese hackers, often creates worldwide news; though the attacks are few, they have a significant impact on events such as elections. And with more than 70 elections bound to be held this year, criminal activities during this time will surge. Expect high-profile data breaches, and key infrastructure incidents such as airlines grounding planes due to internal software compromises, as top cybersecurity trends for 2023.
10) Insider Threats
Human error is still one of the primary reasons for data breaches, cybersecurity issues and service tickets: up to 75% of all reported, according to the most recent 2022 statistics. Any employee with a grudge against their employer, or just having a bad day, or an intentional loophole, can bring down a whole organization with millions of stolen data records. One example of this in 2022 was an official report by Verizon on documented data breaches, which gives strategic insights on cybersecurity trends: 45 percent of total attacks were directly or indirectly made by employees. Creating a culture of greater awareness within the premises to safeguard data in every way possible is truly the primary goal today in 2023, as well as in the future.
Safeguarding your data by protecting your computers? Great. SMARTPHONES are by far your biggest weakness in cybersecurity today…. And that’s really no surprise to us Cyber Security experts!
Your Smartphone Is Their #1 Target
Some cyberattacks are targeted at a specific individual or company. The victim is selected because they are a high-value target to the threat actors. High value most often means rich financial gains for the threat actors. But sometimes their goal is to exfiltrate sensitive or private documents, intellectual property, or industrial secrets. Occasionally, the entire motive is to cause trouble for the victim. Hacktivists, for example, will try to destroy the victim’s IT systems and information. They want to cause operational and reputational damage to the victim. High value doesn’t always mean money.
Often the attackers are sophisticated organized crime cyber groups or state-sponsored advanced persistent threats groups (APTs). Many of the attacks they launch are against knowledgeable, well-defended targets, and are very difficult to accomplish. They require significant financial backing, top-tier technical skills, a lot of manpower, and operational guidance and control.
The recent attack on FireEye is a case in point. The attack was so sophisticated that investigators believe the perpetrators are a state-sponsored APT. The value, in this case, was stealing the software tools that FireEye uses to probe its customers’ cyber defenses.
By contrast, other cyber attacks try to snare as many victims as possible. No individual target is singled out. The threat actors are playing a numbers game today where we are clearly a “Smartphone Society”.
The numbers are staggering just since 2021…..
There are currently 300 million cell phones being used just in the U.S.A.
There are an estimated 15 billion phones in the world.
The recent trend is that many bad actors are FOCUSING ON PHONES to most effectively monetize their RETURN ON THEIR TIME & EFFORT INVESTMENT. If You Were A Cyber Criminal, Wouldn’t You Choose The Most Potential & Easiest Targets For The Same Amount Of Work (And Sometimes LESS)? Of Course You Would.
Apps and Data Leaks
Phones can run apps. It’s one of their biggest attractions. They’re easy to install and the majority are free. Unfortunately, they can be a cause of data leakage. The developers of the apps need to make money. If they are not charging for the app you have to ask yourself how are they funding development.
The answer is by selling information about you, such as your phone and app usage statistics, your contacts, communications, browsing habits, geographical location, your installed apps, and more. And these are the “legitimate” apps, such as the McDonalds app, which records, tracks, and documents ALL of the above information (and is a BLESSING for any law enforcement / Cyber Security Forensic Investigators such as us).
The worst examples of these apps also capture login credentials and passwords for websites you visit, VPNs that you use, and any of your data & metadata (basically anything on your phone).
Riskware is the name used for free apps that offer to do something entertaining or useful—and actually deliver on that promise—but secretly siphon off information and send it back to the app publishers to be sold to advertisers or criminals. Riskware is different from a phone becoming infected with covert malware. With riskware, the owner of the smartphone chooses to install the app and is aware that it is going to be added to their device.
With the steady blurring that is happening between people’s personal digital lives and their corporate digital lives, most users will be able to get their personal and their business email on the same phone, and it is common for people to juggle multiple inboxes on the same device, often in a blended view. Riskware, or other more malicious apps, will happily harvest data whether it is personal or corporate.
Staff who haven’t been issued with a corporate phone will have a private phone, and they’ll bring it to their place of work and want to connect to the Wi-Fi. Personal phones should be relegated to the guest Wi-Fi or to another Wi-Fi segment set up for employees’ personal devices. They must not be allowed to connect to the main network.
To govern which apps can be installed onto corporate devices you can use mobile device management (MDM) software. This allows you to establish allow lists and deny lists of apps, to track the location of stolen phones, and to remotely wipe them if required.
MDM systems can block known bad apps and query unknown apps. Once vetted, the apps are either permitted or blocked. The hard part is to do this in a way that doesn’t overwhelm technical staff and that doesn’t grate on your users. A centralized management system and clear guidance provided when the phone is allocated will help on both fronts.
Choose Your Phone Brand Carefully
The well-documented ban prohibiting US federal contracts from being awarded to Huawei and several other Chinese companies is based on suspicions that the Chinese government could—using provisions in China’s 2017 National Intelligence Law—coerce manufacturers to plant back-doors and other spycraft mechanisms into their products.
Summary: In just under a year the two companies involved made over USD $5 million just by sending advertisements to the phones. Being the victim of adware is bad enough, but the same techniques could be used to deploy more insidious strains of malware such as keystroke loggers and other spyware. This amount DOES NOT COUNT any $$$ earned indirectly via the PII (Personal Identifying Information such as SSN/DOB/IRS information) that is easily seen, screenshotted and then shared on the Deep or Dark Web. How about them accessing the phone owner/user’s bank account, their emails, saved credit cards, etc.? Yes, this is why the total damage is uncountable.
Smishing Attacks
Smishing attacks are phishing attacks delivered by SMS message instead of email. This delivery method has several advantages for the threat actors:
They don’t need to dress the message in the colors, fonts, and other trappings of corporate livery to make it look convincing.
People expect SMS messages to be short and sweet. They don’t expect to be told the entire story in the SMS. It is commonplace to click a link in an SMS to learn more and to get the finer detail.
People will more readily overlook poor grammar and misspellings in an SMS message. We’re all used to predictive text mishaps and while this shouldn’t happen in a corporate SMS message, that conditioning makes us more forgiving with that type of error than we would be in a corporate email.
In the space-restricted world of SMS messages, shortened URLs are the norm. And shortened URLs can be used to hide the real destination of the link.
It is easy to fake—or spoof—the number that sent an SMS message. If you receive an SMS from a telephone number that matches a contact in your address book, your phone will believe that is who sent it. The SMS messages will be identified as having come from that contact and they will be placed in the conversation list for that contact, alongside all of the genuine messages from that contact. All of that adds to the illusion that the message is genuine.
End-point protection suites usually have clients for cellphones, and these will go some way toward preventing malware installations. The most effective defense, of course, is to read articles like these to BE EDUCATED AND EMPOWERED to be aware of smishing, to recognize fraudulent messages, and to delete them immediately.
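A triage sketch for SMS messages that users report, built on the points above about shortened URLs and spoofable sender numbers. This is an added example, not code from the original article; the shortener list, the `org_domains` allow-list, the phone numbers and the sample messages are constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Illustrative, non-exhaustive set of public URL-shortener hosts (assumption).
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "t.co", "ow.ly", "is.gd", "goo.gl"}

# Links in SMS often omit the scheme ("bit.ly/abc"), so match bare host/path too.
LINK_RE = re.compile(
    r"https?://\S+"
    r"|\b(?:[a-z0-9-]+\.)+[a-z]{2,}/\S*"
    r"|\b\d{1,3}(?:\.\d{1,3}){3}/\S*",
    re.IGNORECASE,
)


def extract_hosts(body):
    """Return the lower-cased host of every link found in an SMS body."""
    hosts = []
    for token in LINK_RE.findall(body):
        token = token.rstrip(".,;:!?)")          # sentence punctuation
        if not re.match(r"https?://", token, re.IGNORECASE):
            token = "http://" + token            # let urlsplit parse bare links
        try:
            host = urlsplit(token).hostname      # ignores any user@ prefix
        except ValueError:
            continue
        if host:
            hosts.append(host[4:] if host.startswith("www.") else host)
    return hosts


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage_sms(sender, body, contacts, org_domains):
    """Classify one reported SMS as 'escalate', 'review' or 'pass'."""
    reasons = []
    for host in extract_hosts(body):
        if host in SHORTENER_HOSTS:
            reasons.append(("shortened-url", host))      # destination is hidden
        elif _is_ip(host):
            reasons.append(("ip-literal-link", host))
        elif not any(host == d or host.endswith("." + d) for d in org_domains):
            reasons.append(("unrecognised-link-host", host))
    severe = {"shortened-url", "ip-literal-link"}
    if any(kind in severe for kind, _ in reasons):
        verdict = "escalate"
    elif reasons:
        verdict = "review"
    else:
        verdict = "pass"
    # A sender that matches a contact is recorded but never lowers the verdict,
    # because the sending number of an SMS can be spoofed.
    return {"verdict": verdict, "reasons": reasons,
            "sender_in_contacts": sender in contacts}


# Constructed sample data (fictional numbers, reserved example domains).
CONTACTS = {"+15555550101"}
ORG_DOMAINS = {"example.com"}
SAMPLES = [
    ("+15555550101", "Your mailbox is full. Verify now: bit.ly/3xAmPl"),
    ("+15555550199", "Parcel held. Pay the fee at http://192.0.2.10/pay"),
    ("+15555550101", "Benefits enrolment closes Friday: https://hr.example.com/enrol."),
    ("+15555550150", "Reset your password at https://login.example.net/reset"),
    ("+15555550101", "Lunch at 12?"),
]

if __name__ == "__main__":
    for sender, body in SAMPLES:
        result = triage_sms(sender, body, CONTACTS, ORG_DOMAINS)
        print(result["verdict"], result["reasons"], "|", body)
```

The first sample comes from a number in the contact list and is still escalated, which is the behaviour the spoofing point calls for.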
Loss of Devices
Losing a phone puts a tremendous amount of information about the owner of the phone at risk. If the phone has a poor password or PIN it won’t take long for the threat actors to discover it. PINs based on significant dates are a poor choice. Clues to the dates can often be found in your social media posts.
Using a strong password or PIN and turning on encryption are good measures to protect the data—both personal and corporate—inside your phone. Installing or configuring tracking options is a good idea so that you can see the location of the device. This can aid recovery.
If you have added a Google account to your phone, Google’s Find My Device should be turned on automatically. Apple has a similar service called Find my iPhone. A third-party centralized system might better suit some corporate needs.
The ultimate sanction is to remotely wipe the device. This requires Mobile Device Management software (MDM). You may already have some available to you. If your company uses Microsoft 365 for example, basic MDM is provided for you.
SIM Swapping
You don’t need to lose your device to lose control over it. When you buy a new phone you can transfer the existing number to the new device and activate that as your current ‘live’ handset.
If scammers can gather some information about you they can ring your phone provider and have your number transferred to a handset that is under their control, in a sting called SIM Swapping. To make the transition to your new phone as smooth as possible, both Apple and Google will download copies of all your apps, settings, and data to the new handset. Unfortunately, it is under the control of the threat actors.
A variant on this is to use social engineering techniques to obtain a (say) 5G SIM card for the victim’s phone number, either online or at an outlet. The threat actor then calls the victim and pretends to be from the victim’s phone provider informing them of a free upgrade to 5G. They tell them that an upgrade code will shortly follow. They then text the victim the activation code that came with the fraudulently acquired 5G SIM card. When the victim activates the service it doesn’t upgrade their old 4G SIM. Instead, it ceases the service to it and activates the new 5G SIM. The threat actors have effectively cloned your phone.
These are targeted attacks. The victims have something on their phones that makes the effort worthwhile. The most famous cases of these have targeted cryptocurrency traders or individuals with high-value cryptocurrency accounts. Swapping the SIMs allows their digital wallets to be accessed. Individual losses have amounted to tens of millions of dollars.
Public Wi-Fi and Network Spoofing
Phones and other mobile devices are great because of their portable nature, and because they let us get online wherever there is a Wi-Fi connection that we can join. But you need to be careful when you are on public Wi-Fi. Everyone who is using that Wi-Fi is on the same network, and the threat actors can use a laptop and some network packet capture and analysis software to snoop on what your cellphone is sending and receiving. So what you might have thought was private is not private at all.
You shouldn’t use public Wi-Fi if you are going to need to enter a password to log in to one of your sites or to check your email. Don’t do anything sensitive like online banking or using PayPal or any other payment platform. Don’t do anything that will reveal any of your personally identifiable information. Checking the sports scores or catching up on the news is fine. If you’re doing anything else, you should always use a Virtual Private Network (VPN). A VPN sends your data down a private encrypted tunnel making it impossible for threat actors to see.
For a couple of hundred dollars, threat actors can buy portable devices that act as Wi-Fi access points (WAPs). They’ll set up camp in a coffee shop or other public space, and configure their dummy WAP to have a name similar to the genuine free Wi-Fi connection.
Unsuspecting victims—usually those in a rush—will connect to the threat actor’s bogus Wi-Fi instead of the genuine free Wi-Fi. The threat actor’s Wi-Fi is connected to the genuine Wi-Fi so the victim does get online, but everything that the victim types is captured by the threat actor’s device. A VPN will keep you safe in this circumstance too.
A reputable VPN is a must if you are going to be using public Wi-Fi for anything other than the most mundane web browsing. Of course, if you have a really high data quota in your phone package you might not need to join a public Wi-Fi at all.
And while we’re talking about public spaces, avoid publicly shared phone charge points. If they have been compromised they can inject malicious code into your phone.
It’s a Computer, So Patch It
The modern phone is a computer in your pocket that you happen to be able to make calls on. It has an operating system, it runs apps, and you should have some sort of end-point protection suite running on it. All of these should be the current versions and kept patched up to date.
This can be more of a challenge with Android phones than with other devices. Different handset manufacturers blend their own integrations into vanilla Android before distributing it. Samsung, HTC, Sony, and others all provide their own modifications to Android. This slows down the release of Android patches because the patch has to be released to the manufacturers from Google, and then embellished by the third-party manufacturers before it is released to the end users.
Don’t Forget the Users
Adopt good business practices such as app vetting, deploying encryption, and Mobile Device Management. Tell your employees to:
Use strong PINs, passwords, or fingerprint recognition.
Always use a VPN on public Wi-Fi.
Turn off Bluetooth and Wi-Fi when you’re not using them.
Be careful what apps you download. Research them first.
Turn on backups.
Avoid public phone charge points. Carry a booster battery instead.
The Best Antivirus for Windows Today In 2023: Is Windows Defender Good Enough?
Windows Defender was originally known as Microsoft Security Essentials back in the Windows 7 days when it was offered as a separate download, but now it’s built right into Windows and it’s enabled by default. Many people have been trained to believe that you should always install a third-party antivirus, but that isn’t the best solution for today’s security problems, like ransomware.
If improving Security for your end device is your overall goal and you have a PC (aka Windows-OS device) then you must download and install WINPATROL. There is a FREE limited edition, but if you care for what comes into your device then for a week's worth of coffee it is HIGHLY SUGGESTED you pay for the Upgrade. I have the paid version on every device that runs on Windows since Windows 7 came out and it is THE BEST BARGAIN IN PC SECURITY. https://www.bleepingcomputer.com/download/winpatrol/
So, What Is the Best Antivirus Program In 2023?
We definitely recommend you read the entire article so you fully understand why we recommend a combination of Windows Defender and Malwarebytes, but since we know that tons of people will just scroll down and skim, here is our recommendation for how to keep your system secure:
Keep the Built-in Windows Defender for traditional antivirus – but today in 2023, malicious hackers require you to adapt and focus on Ransomware, zero-day attacks, keyloggers, and malware (such as Keyloggers that can copy and use every key stroke on your device for their own purposes) that require the 1-2-3 Defense listed below.
Use Malwarebytes for Anti-Malware and Anti-Exploit – all of the huge malware outbreaks these days are using zero-day flaws in your browser to install ransomware to take over your PC, and only Malwarebytes provides really excellent protection against this with their unique anti-exploit system. There’s no bloatware and it won’t slow you down.
Editor’s Note: This doesn’t even mention the fact that Malwarebytes, the company, is staffed by some really great people that we really respect. Every time we talk to them, they are excited about the mission of cleaning up the internet. It’s not often that we give an official How-To Geek recommendation, but this is our favorite product by far, and something we use ourselves.
A One-Two-Three Punch Equals a Knockout for anyone trying to cause harm: Registry/Windows Defense (WinPatrol), Antivirus (Windows Defender) and Anti-Malware (MalwareBytes)
1. You need antivirus software on your computer, no matter how “carefully” you browse. Being smart isn’t enough to protect you from threats, and security software can help act as another line of defense.
2. However, antivirus itself is no longer adequate security on its own. We recommend you use a good antivirus program and a good anti-malware program. Together, they will protect you from most of the biggest threats on the internet today: viruses, spyware, ransomware, and even potentially unwanted programs (PUPs)—among many others.
3. So which ones should you use, and do you need to pay money for them? Let’s start with the first part of that unified threesome combo: antivirus.
Is Windows Defender Good Enough On Its Own? NO IT IS NOT!
When you install Windows 10 or Windows 11 (not recommended as of this time), you will have an antivirus program already running. Windows Defender comes built-in to Windows 10, and automatically scans programs you open, downloads new definitions from Windows Update, and provides an interface you can use for in-depth scans. Best of all, it doesn’t slow down your system, and mostly stays out of your way—which we can’t say about most other antivirus programs.
For a short while, Microsoft’s antivirus fell behind the others when it came to comparative antivirus software tests—way behind. It was bad enough that we recommended something else, but it’s since bounced back, and now provides very good protection.
So in short, yes: Windows Defender is good enough (as long as you couple it with a good anti-malware program, as we mentioned above—more on that in a minute).
But Is Windows Defender the Best Antivirus? What About Other Programs?
If you look at that antivirus comparison we linked to above, you’ll notice that Windows Defender, while good, does not get the highest ranks in terms of raw protection scores. So why not use something else?
First, let’s look at those scores. AV-TEST found that it still caught 99.9% of the “widespread and prevalent malware” in April 2017, along with 98.8% of the zero-day attacks. Avira, one of AV-TEST’s top-rated antivirus programs, has the exact same scores for April—but slightly higher scores in past months, so its overall rating is (for some reason) much higher. But Windows Defender isn’t nearly as crippled as AV-TEST’s 4.5-out-of-6 rating would have you believe.
Furthermore, security is about more than raw protection scores. Other antivirus programs may occasionally do a bit better in monthly tests, but they also come with a lot of bloat, like browser extensions that actually make you less safe, registry cleaners that are terrible and unnecessary, loads of unsafe junkware, and even the ability to track your browsing habits so they can make money. Furthermore, the way they hook themselves into your browser and operating system often causes more problems than it solves. Something that protects you against viruses but opens you up to other vectors of attack is not good security.
Just look at all the extra garbage Avast tries to install alongside its antivirus.
Windows Defender does not do any of these things—it does one thing well, for free, and without getting in your way. Plus, Windows 10 already includes the various other protections introduced in Windows 8, like the SmartScreen filter that should prevent you from downloading and running malware, whatever antivirus you use. Chrome and Firefox, similarly, include Google’s Safe Browsing, which blocks many malware downloads.
If you hate Windows Defender for some reason and want to use another antivirus, you can use Avira. It has a free version that works fairly well, a pro version with a few extra features, and it provides great protection scores and only has the occasional popup ad (but it does have popup ads, which are annoying). The biggest problem is that you need to be sure to uninstall the browser extension it tries to force on you, which makes it hard to recommend to non-technical people.
Antivirus Isn’t Enough: Use Malwarebytes, Too
Antivirus is important, but today, it is far more important that you use a good anti-exploit program to protect your web browser and plug-ins, which are the most targeted by attackers. Malwarebytes is the program we recommend here.
Unlike traditional antivirus programs, Malwarebytes is good at finding “potentially unwanted programs” (PUPs) and other junkware. As of version 3.0, it also contains an anti-exploit feature, which aims to block common exploits in programs, even if they are zero-day attacks that have never been seen before—like those nasty Flash zero-day attacks. It also contains anti-ransomware, to block extortion attacks like CryptoLocker. The latest version of Malwarebytes combines these three tools into one easy-to-use package for $40 per year.
Malwarebytes claims to be able to replace your traditional antivirus entirely, but we disagree with this. It uses completely different strategies for protecting you: antivirus will block or quarantine harmful programs that find their way to your computer, while Malwarebytes attempts to stop harmful software from ever reaching your computer in the first place. Since it doesn’t interfere with traditional antivirus programs, we recommend you run both programs for the best protection.
Update: The Premium version of Malwarebytes now registers itself as the system’s security program by default. In other words, it will handle all your anti-malware scanning and Windows Defender won’t run in the background. You can still run both at once if you like. Here’s how: In Malwarebytes, open Settings, click the “Security” tab, and disable the “Always register Malwarebytes in the Windows Security Center” option. With this option disabled, Malwarebytes won’t register itself as the system’s security application and both Malwarebytes and Windows Defender will run at the same time.
Note that you can get some of Malwarebytes’ features for free, but with caveats. For example, the free version of the Malwarebytes program will only scan for malware and PUPs on-demand—it won’t scan in the background like the premium version does. In addition, it doesn’t contain the anti-exploit or anti-ransomware features of the premium version.
You can only get all three features in the full $40 version of Malwarebytes, which we recommend. But if you’re willing to forgo anti-ransomware and always-on malware scanning, the free versions of Malwarebytes and Anti-Exploit are better than nothing, and you should definitely use them.
There you have it: with a combination of a good antivirus program, Malwarebytes, and some common sense, you’ll be pretty well protected. Just remember that antivirus is only one of the standard computer security practices you should be following. Good digital hygiene isn’t a replacement for antivirus, but it is essential to making sure your antivirus can do its job.
How to Add Exclusions in Windows Defender on Windows 10
The Windows Defender main page is pictured above (all content and images are the rights of SkyTheTechGuy.com and GeeksByTheHour.com respectively). Windows Defender is intentionally fully integrated into Windows 10, constantly running in the background by default and scanning your files for malware against its Cloud database per updates in real time unless one disables it (not recommended).
Geeks aka Windows experts like Dr. Sky and John do not take responsibility in any way if you attempt to exclude any file or files from Windows Defender. We usually only do this to improve performance for tasks like compiling programming code, running virtual machines, etc. DO NOT DISABLE GROUPS OF FILE TYPES, only specific files, unless you consult experts like us at GeeksByTheHour.com.
Exclusions can also help if you’re running into false positives where Windows Defender marks legitimate files as malware.
**Warning: Be careful about what you exclude. Windows Defender won’t scan your excluded files and directories for malware. You wouldn’t want to exclude everything in your Downloads folder, for example!**
I. First, we need to launch Windows Security to change some settings. Open the Start menu and type “Windows Security.” Then, select the “Windows Security” app.
II. In Windows Security, navigate to “Virus & Threat Protection.” Then, click “Manage Settings.”
III. In “Virus & Threat Protection Settings,” scroll down to the very bottom of the page, and click “Add or Remove Exclusions.”
IV. On the Exclusions page, you can add or remove files that you want to exclude from Windows Defender scans. To add an exclusion, click the “Add An Exclusion” button beside the large plus symbol (+).
A small menu will pop up allowing you to define your exclusion by File, Folder, File type, or Process.
V. What you choose depends on what type of exclusion you are trying to make. Here’s what each choice does.
File: If you select this, a box will pop up allowing you to browse your computer to select a single file that will be excluded from future scans. Select the file you’d like, then click “Open.”
Folder: Like the File option, this will let you browse your computer for a specific folder to exclude from scans. The folder’s contents and subfolders will be excluded as well.
File type: A box will pop up asking you to enter a file extension (e.g., “.MID”) representing the file type that you’d like to exclude. All files of that type will be excluded from future scans. This one is dangerous because you might accidentally exclude a large class of potentially hazardous files, such as PDF or DOC files.
Process: A pop-up will ask you to enter the name of a process (a running program, e.g., “explorer.exe”) to exclude from scans. If a certain program you know is safe keeps getting flagged by Defender, you can enter it here.
Select one of these options and make the necessary selections in the pop-up dialog that follows.
VI. Once you add an exclusion, it will show up in a list on the Exclusions page.
VII. If you’d like to remove an exclusion you’ve already defined, hover your mouse cursor over the item until the downward-pointing caret arrow appears, then click the “Remove” button that pops up.
ALL DONE!
Now that you are all done, close Windows Security and your settings will be saved automatically. The next time your system does a Defender scan, the item(s) you added to the exclusions list will no longer cause trouble: they will be bypassed by Defender and can be run and used as needed.
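The exclusions added through the steps above can also be reviewed from PowerShell. The script below is an added example, not part of the original article: it reads the exclusion lists with the built-in Get-MpPreference cmdlet (run it from an elevated prompt on Windows) and flags the kinds of entries the warning above cautions against. The function name Test-DefenderExclusion, the three "risky" lists and the sample paths are assumptions chosen for illustration, not an official Microsoft list.

```powershell
# Added example (not from the original article): flag risky Defender exclusions.
# Test-DefenderExclusion and the lists below are illustrative assumptions.
# Run on Windows from an elevated PowerShell prompt.

# File types that commonly carry malware; excluding a whole type is dangerous.
$RiskyExtensions = 'exe','dll','scr','js','vbs','ps1','bat','cmd','lnk',
                   'pdf','doc','docx','docm','xls','xlsx','xlsm','zip','iso'

# Folders where downloaded or temporary (untrusted) files usually land.
$RiskyFolders = @(
    "$env:USERPROFILE\Downloads", "$env:USERPROFILE\Desktop",
    $env:USERPROFILE, $env:TEMP, $env:SystemRoot, $env:ProgramData
) | ForEach-Object { $_.TrimEnd('\') }

# Script hosts and shells: files opened by an excluded process are not
# scanned in real time, so excluding these removes a lot of coverage.
$RiskyProcesses = 'powershell.exe','pwsh.exe','cmd.exe','wscript.exe',
                  'cscript.exe','mshta.exe','rundll32.exe'

function Test-DefenderExclusion {
    param([string[]]$Path, [string[]]$Extension, [string[]]$Process)

    function New-Finding($Type, $Value, $Reason) {
        [pscustomobject]@{ Type = $Type; Value = $Value; Reason = $Reason }
    }

    foreach ($p in $Path) {
        $clean = $p.TrimEnd('\')
        if ($clean -match '^[A-Za-z]:$') {
            New-Finding 'Path' $p 'entire drive is excluded'
        } elseif ($p -match '[*?]') {
            New-Finding 'Path' $p 'wildcard can match more than intended'
        } elseif ($RiskyFolders -contains $clean) {
            New-Finding 'Path' $p 'folder where untrusted files land'
        }
    }

    foreach ($e in $Extension) {
        # Normalise ".pdf", "*.pdf" and "pdf" to the bare extension.
        $ext = $e -replace '^[*.]+', ''
        if ($RiskyExtensions -contains $ext) {
            New-Finding 'Extension' $e 'file type commonly used to deliver malware'
        }
    }

    foreach ($x in $Process) {
        $name = [System.IO.Path]::GetFileName($x)
        if ($RiskyProcesses -contains $name) {
            New-Finding 'Process' $x 'script host or shell'
        } elseif ($name -eq $x) {
            New-Finding 'Process' $x 'no full path: matches this file name in any folder'
        }
    }
}

# Constructed sample input covering the four exclusion kinds described above.
Test-DefenderExclusion `
    -Path "$env:USERPROFILE\Downloads", 'D:\', 'C:\Dev\myproject\build' `
    -Extension '.MID', '.pdf' `
    -Process 'explorer.exe', 'C:\Dev\tools\compiler.exe' |
    Format-Table -AutoSize

# Live check against this machine's real exclusion lists.
if (Get-Command Get-MpPreference -ErrorAction SilentlyContinue) {
    $pref = Get-MpPreference
    Test-DefenderExclusion -Path $pref.ExclusionPath `
        -Extension $pref.ExclusionExtension -Process $pref.ExclusionProcess |
        Format-Table -AutoSize
}
```

An entry that is flagged is not necessarily wrong; it is one to re-check against the reason it was added, and to remove through the Exclusions page if it is no longer needed.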
How GeeksByTheHour Rated the Best 5 Antivirus Software Programs of 2021:
Strong malware protection. We only recommend products that have proven to protect against the most advanced malware threats — not only viruses, but also spyware, rootkits, ransomware, and anything else that could cause me or my devices harm. We personally conducted dozens of malware tests, stress-tests, and CPU performance tests to make sure that these products can provide rock-solid protection against all viruses, malware, and other dangerous internet security threats with no bias, and just the results.
High-quality features. Most antivirus brands offer additional internet security features in their paid antivirus packages. But the majority of times, these extras are just flashy additions that will weigh your computer down and affect your device’s performance (not to mention increase the price). I personally tested each of the features for each of the products on this list to guarantee that each antivirus’s features are genuinely useful and effective, not just expensive, flashy extras.
Speed and efficiency. The best antivirus programs are lightweight and run smoothly — even on older or slower computers — across all of the software’s intended operating systems. I personally tested and measured how quickly and efficiently each antivirus on this list performed against all the other antivirus programs on the market.
Easy-to-use. Whether you’re an amateur or an expert, you need virus protection for your computers, your phones, and your tablets. We personally tested each antivirus software here to make sure that pretty much anyone will be able to set it up easily and use it properly.
Good value. Antivirus software can be a big investment. We considered all relevant factors such as web and browsing protection features, how many devices are covered, and whether or not there’s a free trial or money-back guarantee. We personally feel that all of these top antivirus programs provide great value!
For MAC Users Only: Intego — Best antivirus for Mac as determined by Dr. Sky Houston after comparing it to all of the other Mac results (only for macOS systems).
For WINDOWS Users Only: WINDOWS DEFENDER is the best Antivirus as long as you maintain its Updates, use WinPatrol, and use MALWAREBYTES as a 1-2-3 Best of Breed PC Security Defense!
Kaspersky Total Security
The best antivirus protection overall outside of the above-mentioned Intego (only if you are a Mac user).
-Limited VPN usage -Microphone protection hard to enable (We here at GeeksByTheHour are unbiased and only report testing results. With this being said, NONE of the Antivirus Software listed should be purchased based only on its VPN offerings. Instead, we strongly advise NordVPN if privacy and security in a VPN are important to you!)
Kaspersky’s Windows products have excellent malware-detection scores and a light-to-moderate system-performance impact, the two most important criteria in our rankings.
The best antivirus software you can buy: Kaspersky offers excellent malware protection, lots of useful extra features and a light system impact with an easy-to-use interface.
Bitdefender Antivirus Plus
The best value in antivirus software currently available.
Features:
Anti-theft: No
Backup software: No
Firewall: No
Game mode: Yes
Hardened browser: Yes
Parental controls: No
Password manager: Yes
Ransomware rollback: Yes
Webcam protection: No
Virtual keyboard: Yes
VPN: Limited upsell
Wi-Fi scanner: Yes
Reasons to buy
+Very good malware protection +Lots of useful extra features +GeeksByTheHour ranks it #2 overall in terms of virus protection, just 6 points lower than Kaspersky listed above!
Reasons to avoid
-Heavy background system impact
Bitdefender Antivirus Plus is our top choice among entry-level antivirus products. It has very good, if not perfect, malware-detection scores. Its active scans don’t add much to the background system impact, but that background load is a bit heavy.
It also offers the most value, with an unlimited password manager, a secure browser with a virtual keyboard, a Wi-Fi network scanner, a file shredder, protection against encrypting ransomware and Bitdefender’s new web-privacy software — features often found only with pricier antivirus packages.
The midrange Bitdefender Internet Security adds parental controls, webcam protection and a two-way firewall, while Bitdefender Total Security tops off the lineup with an anti-theft feature for laptops, a system optimizer and licenses for Bitdefender Antivirus for Mac and Bitdefender Mobile Security for Android.
A fourth product, Bitdefender Premium Security, is basically Total Security with unlimited VPN usage and priority tech support. (The other programs limit you to 200MB of Bitdefender VPN usage per day.)
But the best deal is the Bitdefender Family Pack, which puts Total Security on up to 15 devices for (a frequently discounted) $120 per year.
Norton 360 Deluxe
Lots of products, but no file shredder, file encryption or secure web browser options.
Features
Anti-theft: No
Backup software: Yes
Firewall: Yes
Game mode: Yes
Hardened browser: No
Parental controls: Yes
Password manager: Yes
Ransomware rollback: No
Webcam protection: Yes
VPN: Unlimited
Reasons to buy
+Excellent malware protection +LifeLock identity protection with top tiers
All nine of Norton’s antivirus products offer excellent malware protection, and the once-heavy system-performance load is much lighter. The number of extra features each program has varies according to price, but the sweet spot in the lineup is Norton 360 Deluxe.
It includes a password manager, unlimited VPN service, dark-web personal-data monitoring, parental controls and up to 50GB of online storage space. Two retail-only offerings, Norton 360 Premium and Norton 360 Platinum, give you more online storage and expand the antivirus and VPN coverage to 10 and 20 devices, respectively.
If you want full-on identity protection, Norton offers three bundles with varying degrees of LifeLock service and even more online storage space. Their annual subscription prices run well into the triple digits, but still cost less than if you were to buy the identity protection, password manager, cloud-backup storage and antivirus software separately.
Unlike some of the other best antivirus software makers, Norton doesn’t offer a file shredder, file encryption or secure web browser with any of its products. Yet every other digital-protection service you could possibly ask for is included with at least some of its bundles.
McAfee Internet Security
A bargain for big families, but far from perfect protection
Features
Anti-theft: No
Backup software: No
Firewall: Yes
Game mode: Yes
Hardened browser: No
Parental controls: No
Password manager: Yes
Ransomware rollback: Yes
Webcam protection: No
Virtual keyboard: No
VPN: No
Reasons to buy
+Protects lots of machines for cheap +Password manager +Improving malware protection
Reasons to avoid
-Very heavy performance hit -No parental controls on mid-priced tier.
McAfee’s malware detection has improved greatly in the past couple of years, but it’s still not quite top-of-the-line.
Despite that, the entry-level McAfee AntiVirus Plus is a bargain: $60 per year buys software for up to 10 (in practice, unlimited) devices, whether they run Windows, macOS, iOS or Android, and the software comes with a file shredder and a two-way firewall.
McAfee Internet Security adds one of the best password managers in the business, but to get parental controls, you’ll have to spring for McAfee Total Protection or its sibling McAfee LiveSafe, which comes pre-installed on many (most) new PCs.
The multi-device licenses of those two security suites also come with an identity-protection service. But none of the McAfee products have a secure browser or webcam protection, which you often get with other premium antivirus programs.
At the top is McAfee Total Protection Ultimate, which adds unlimited VPN service with no strings attached (but remember, we do NOT recommend any VPN Services here). Hardcore PC gamers may consider McAfee Gamer Security, which for $60 per year offers low-overhead protection for a single rig.
Trend Micro Maximum Security
Solid protection, but scan slowdowns
Features
Backup software: No
Firewall: No
Game mode: Yes
Hardened browser: Yes
Parental controls: Yes
Password manager: Yes
Webcam protection: No
Virtual keyboard: No
VPN: Yes
Reasons to buy
+Very good malware protection +Secure browser, password manager +Dark Web scans
Reasons to avoid
-Heavy performance hit during scans -Many false positives on 125+ GeeksByTheHour’s rigorous tests.
Trend Micro offers very good protection, but its malware-detection engine creates a heavy system load during scans and returns a fair number of false-positive results.
The brand’s entry-level program, Trend Micro Antivirus+ Security, has basic tools but does have a secure web browser. Parental controls, a system optimizer and a file shredder are bundled into the mid-range Trend Micro Internet Security.
Trend Micro Maximum Security adds a password manager, a secure browser and file encryption, while the new Trend Micro Premium Security adds a VPN and dark-web monitoring of personal data.
However, none of Trend Micro’s programs include a two-way firewall or webcam protection, standard with other brands’ midrange offerings. Nor does the premium product have the cloud storage or backup software that some of the best antivirus brands add as enticements to their flagship packages.
Viruses and malware are constantly evolving, becoming more advanced and more dangerous by the second, making it extremely difficult to keep your data protected. Unless you’re properly protected (which most people aren’t), you’re at risk of becoming a victim of the latest computer virus threats and malware attacks.
Cybercriminals are relentless and will stop at nothing to hack your computer or phone to steal your most valuable data — including bank details, personal photos, and sensitive ID card information. This is why you must have a working antivirus installed on your PC, Mac, Android, or iPhone. Our top recommended Anti-Virus Programs are:
Kaspersky Total Security (The best antivirus protection overall)
Bitdefender Antivirus Plus (The best value overall)
Norton 360 Deluxe
McAfee Internet Security
Trend Micro Maximum Security
ESET Smart Security Premium
Sophos Home Premium
Here are the 10 most dangerous computer viruses and new malware threats in 2021 that you need to protect yourself from.
1. Clop Ransomware
Ransomware is malware which encrypts your files until you pay a ransom to the hackers. “Clop” is one of the latest and most dangerous ransomware threats. It’s a variant of the well-known CryptoMix ransomware, which frequently targets Windows users.
Before beginning the encryption process, the Clop ransomware blocks over 600 Windows processes and disables multiple Windows 10 applications, including Windows Defender and Microsoft Security Essentials — leaving you with zero chance of protecting your data.
The Clop ransomware has evolved since its inception, now targeting entire networks — not just individual devices. Even the well-known academic institution Maastricht University in the Netherlands became a victim of the Clop ransomware, with almost all Windows devices on the university’s network being encrypted and the university being forced to pay a ransom.
2. Fake Windows Updates (Hidden Ransomware)
Hackers have been increasingly sending emails that instruct readers to install urgent Windows OS updates. The emails trick readers into installing the “latest” Windows updates, which are actually ransomware ‘.exe’ files in disguise.
The ransomware contained in these emails is known as “Cyborg”. It encrypts all of your files and programs and demands a ransom payment to un-encrypt the files.
Unfortunately, many email service providers and basic antivirus software aren’t able to detect and block these emails. This is why you must be using an antivirus that provides proper internet security, protecting you from dangerous emails.
3. Zeus Gameover
Zeus Gameover is part of the “Zeus” family of malware and viruses. This piece of malware is a Trojan — malware disguised as something legitimate — that accesses your sensitive bank account details and steals all of your funds.
The worst thing about this particular variant of the Zeus malware family is that it doesn’t require a centralized “Command and Control” server to complete transactions — which is a flaw found in many cyberattacks that authorities can target. Instead, Zeus Gameover can bypass centralized servers and create independent servers to send sensitive information. In essence, you cannot trace your stolen data.
4. RaaS
“RaaS” — also known as “Ransomware as a Service” — is a growing industry in the underground hacker community. People without the knowledge to carry out a sophisticated ransomware attack can pay to hire a professional hacker or team of hackers to perform the attack for them.
The growth of the underground RaaS industry is worrying, as it shows how easy it is to infect people with ransomware despite the bad actors having no previous experience with designing or coding malware.
5. News Malware Attacks
Cybercriminals often use current news stories and global events to target people with malware.
One example is hackers using the wave of the COVID-19 (Coronavirus) outbreak to target individuals with malware. Hackers send out emails that are disguised as legitimate information about the outbreak. Readers are prompted to click a link to learn more about the information, but the link contains malware that copies the files on your device and steals your personal information.
Research currently focuses on the spread of this malware in Japan. Still, it will become an issue worldwide during any kind of newsworthy outbreak.
6. Fleeceware
Fleeceware continues to charge app users large amounts of money despite users deleting those apps. Recent research has found that over 600 million Android users have downloaded “Fleeceware” onto their device in the past few years.
Although Fleeceware doesn’t pose a considerable security threat to a user’s device and data, it’s still very common, and it’s a shady practice by app developers wanting to cash in on unsuspecting users.
7. IoT Device Attacks
As the popularity of IoT (Internet of Things) devices grows in 2021 — things like smart speakers and video doorbells — hackers are looking to exploit these devices for valuable information.
There are multiple reasons why hackers choose to target IoT devices. For one, most IoT devices don’t have enough storage to install proper security measures. These devices often contain easy-to-access data such as passwords and usernames, which then can be used by hackers to log into user accounts and steal valuable information, such as banking details.
Hackers can also use internet-based cameras and mics to spy on and communicate with people — including young children via smart baby monitors.
These devices can also act as weak points in a corporation’s network, meaning hackers can gain access to entire systems through unsecured IoT devices — spreading malware to other devices across the network.
8. Social Engineering
Humans are possibly the weakest link in any security protocol. This is why cybercriminals are now turning to human psychology and deception to try and gain access to personal information.
The hacker will start by contacting a company or service provider and pretend to be a specific person. They’ll ask questions regarding the victim’s account and trick the customer support team into handing over pieces of sensitive information. Then, they’ll exploit that information to gain access to a person’s account and data, including payment details.
Although this isn’t a type of malware per se, social engineering is an alarming trend, as it doesn’t require hackers to know about coding or malware development. Instead, all the attacker needs is to be convincing and allow human error and complacency to reward them with the data they need.
9. Cryptojacking
Cryptojacking malware is designed to use a person’s computing power to help “mine” cryptocurrencies, such as Bitcoin. Mining requires a huge amount of computing power to generate new crypto coins, which is why hackers are attempting to install cryptojacking malware on computers and mobile devices to help with the mining process — slowing down the user’s device considerably.
Although cryptojacking attacks dropped significantly in previous years, mainly due to the sharp fall in the value of cryptocurrencies, this trend remains a threat. Cryptocurrency prices continue to rise through 2021, with Bitcoin booming over $40,000 as recently as January. Given the value of cryptocurrency, cryptojacking malware attacks will continue to be lucrative for cybercriminals.
10. Artificial Intelligence (AI) Attacks
As more tools become available to developers who want to program AI scripts and software, hackers will be able to use this same technology to carry out devastating cyberattacks.
Although cybersecurity companies are using artificial intelligence and machine learning algorithms to help combat malware, these technologies can also be exploited to hack devices and networks on a massive scale.
Cyberattacks can often cost cybercriminals a lot in terms of time and resources. So, with the expansion of AI and machine learning technologies, we can only expect hackers to develop highly-advanced and destructive AI-based malware in 2021 and beyond.