Looking Back: 20 Years of Malware Evolution
MALWARE EVOLUTION
THE SCALE OF THE THREAT
1994: 1 NEW VIRUS EVERY HOUR
2006: 1 NEW VIRUS EVERY MINUTE
2011: 1 NEW VIRUS EVERY SECOND
2016: 310,000 NEW SAMPLES EVERY DAY
The evolving threat landscape
Main Figures and Statistics
IT THREAT EVOLUTION: Q1 2016
MAIN STATISTICS Q1 2016
Kaspersky Lab solutions repelled 228,420,754 attacks launched from online resources
located all over the world.
74,001,808 unique URLs were recognized as malicious by web antivirus components.
Crypto ransomware attacks were blocked on 372,602 computers of unique users.
Kaspersky Lab mobile security products detected:
2,045,323 installation packages
4,146 new malicious ransomware trojans
2,896 mobile banking Trojans
VULNERABLE APPLICATIONS USED BY
CYBERCRIMINALS
The top position in the Q1 2015 rankings was occupied by
the Browsers category (64%), which includes exploits
targeting Web Browsers. This category was also at the top
of the rankings in the last three quarters of 2015.
In Q1 2016, exploits for Adobe Flash Player remained
popular. During the reporting period two new
vulnerabilities in this software were detected:
CVE-2015-8651
CVE-2016-1001
The first exploit pack to add support for these
vulnerabilities was Angler.
One notable event in the first quarter was the use of an
exploit for Silverlight - CVE-2016-0034. At the time of
publication, this vulnerability is used by the Angler and
RIG exploit packs.
Main Figures and Statistics
MOBILE THREATS: Q1 2016
MOBILE THREATS – MAIN STATISTICS Q1 2016
Kaspersky Lab detected 2,045,323 malicious installation packages – this is 11 times greater
than in Q4 2015, and 1.2 times more than in Q3 2015.
In Q1 2016, adware programs continued to top the rating of detected malicious objects for mobile
devices. The share of adware programs grew 13 p.p. compared to Q4 2015, and reached 42.7%.
Notably, this is lower than in Q3 2015 (52.5%).
MOBILE BANKING TROJANS
Over the reporting period, we detected 4,146 mobile banking Trojans, which is 1.7 times more
than in the previous quarter. (percentage of all users attacked)
Current Topics
MALWARE INCIDENTS
KASPERSKY SECURITY FOR MOBILE
Proactive security, management and control layers for mobile endpoints
Mobile Security
• Multi-layered anti-malware
• Web Protection
• Rooting/jailbreak detection
Mobile Device Management
• Exchange ActiveSync
• iOS MDM
• Samsung KNOX
Mobile Application Management
• App wrapping
• App Control
• Selective Wipe
Anti-theft
• Lock/wipe
• Locate/Alert/Photo
• SIM Watch
Self Service Portal
• BYOD enabled
• Certificate retrieval
• Anti-theft
Centralized management
• All major mobile platforms
• Other IT security domains
RANSOMWARE – PROBLEM OF THE YEAR?
2016 has only just got underway, but the first three months have already seen the same number of
cyber-security events that just a few years ago would have seemed normal for a whole year. The main
underlying trends remained the same, while there was significant growth in trends related to
traditional cybercrime, especially mobile threats and global ransomware epidemics.
Ransomware became the main theme of the quarter after knocking targeted attacks from the top of
the most popular threat rating. Unfortunately, this is a situation that will continue to evolve, and those
behind the extortion could well end up being named "problem of the year".
RANSOMWARE
The overall number of encryptor modifications in our Virus Collection to date is at least 15,000.
Nine new encryptor families and 2,900 new modifications were detected in Q1.
In Q1 2016, 372,602 unique users were attacked by encryptors, which is 30% more than in the
previous quarter. Approximately 17% of those attacked were in the corporate sector.
[Charts: number of ransomware samples in our collection; number of users attacked by ransomware]
APPLICATION CONTROL - WHITELISTING
• Application Startup Control
• Application Privilege Control
• Vulnerability monitoring
• Behavioral analysis
• Cloud whitelists
• Local whitelists
TELEWORKING
Organizations that allow teleworking should issue a policy that defines the
conditions and restrictions for teleworking.
• Device Control
• Application Control
• Web Control
HANDLING OF MEDIA
Your organization should have procedures for managing removable media on which
personal data is stored and which may leave your organization's security perimeter.
This includes removable media in equipment such as multifunction printers and copiers.
Your organization must determine the necessary measures to protect physical media
(including paper documents) containing personal data against unauthorized access,
misuse or corruption during transport.
PROTECTION AGAINST MALWARE
To protect against malware (prevention, detection and removal/recovery), your IT
department should install anti-malware and recovery software and update it regularly,
with computers and media being scanned as a precaution or routinely.
The scan performed should include, among other things:
• scanning all files received over networks or via any form of storage medium for
malware before use;
• scanning attachments and downloads for malware before use, at several critical
points in your network configuration (mail servers, computers, network access...);
• scanning web pages for malware.
Accurate and informative warning messages in the event of a real threat can increase
user awareness.
MOST TESTED. MOST AWARDED. KASPERSKY LAB PROTECTION.*
[Bubble chart: score of TOP 3 places (0% to 100%) against number of independent tests/reviews (20 to 100). Vendors shown: Kaspersky Lab, Bitdefender, Sophos, G DATA, Symantec, F-Secure, Intel Security (McAfee), Trend Micro, Avira, Avast, AVG, ESET, Quick Heal, Microsoft, Panda Security, BullGuard.]
In 2015 Kaspersky Lab products participated in 94
independent tests and reviews. Our products were
awarded 60 firsts and achieved 77 top-three finishes.
Kaspersky Lab: 1st places – 60; participation in 94 tests/reviews; TOP 3 = 82%
* Notes:
• According to summary results of independent tests
in 2015 for corporate, consumer and mobile
products.
• Summary includes independent tests conducted by:
AV-Comparatives, AV-Test, Dennis Technology
Labs, MRG Effitas, NSS Labs, PC Security Labs,
VirusBulletin.
• Tests performed in these programs assess all
protection technologies against known, unknown
and advanced threats.
• The size of the bubble reflects the number of 1st
places achieved.
IN DETAIL
TOTAL
• Web
• Collaboration
• Mail
ADVANCED
• Vulnerability Assessment
• Inventories & License Control
• Software Distribution
• Patch Management
• OS Deployment
• Data Protection / Encryption
SELECT
• Mobile Application Management
• Mobile Device Management
• Device Control
• Application Control
• Web Control
• File server security
• Mobile Endpoint Security
CORE
• Anti-malware + firewall
• Kaspersky Security Center
Cloud support via the Kaspersky Security Network (KSN)
Endpoint Management Infrastructure

IMPAKT: Defending against (un)known ransomware


Editor's Notes

  • #3 In the last 19 years the number and complexity of malware incidents has increased exponentially – from only one new virus every hour in 1994. In 2016 Kaspersky Lab sees more than 310,000 new malware samples every day. That’s almost four new samples every second!