2016 Recap: Internet security trends and developments

2016 Recap: Internet security trends and developments

A letter from Emsisoft’s CEO, Christian Mairoll

Ransomware, ransomware, ransom everywhere

2016 was the year when ransomware went from wide spread to epidemic dimensions, and let’s be honest: It’s an awesome business model for the bad guys. Viruses and other malware can be removed from infected machines, but encrypted files? Not really. Holding people’s most important documents and pictures hostage provides one of the strongest leverages you can think of to rush victims into paying several hundred dollars of ransom. Having backups of all data is key, but unfortunately they are not always available for various reasons. So we don’t expect ransomware to disappear any time soon.

Helping people for free with decrypters

Emsisoft’s Chief Technology Officer Fabian Wosar made a reputation in the industry by creating high quality ransomware decrypters. Not all ransomware can be decrypted, but malware authors often make coding mistakes that allow us to extract the decryption routines and make them available in the form of free downloadable decrypters. We continuously publish these tools on our Decrypter Page.

Associate partner of the “No More Ransom” initiative

Fortunately, there are more professionals like Fabian across the antivirus industry who have the technical knowledge for disassembling ransomware to its machine code and making decrypters from that information. The National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – started an initiative to bring the experts together in order to publish their decrypters on a common website called “No More Ransom“. Emsisoft recently became an associate partner of that initiative.

Feeling flattered: “Fabiansomware”

Helping victims for free naturally triggers the anger of the bad guys. Some of them place hidden ugly messages in their programs, others fight us on Twitter and security forums. But the funniest example was someone who renamed his ransomware to “Fabiansomware“. If only they knew how honored Fabian felt! :)


Making great, light-eight security software even better

Our software development efforts in 2016 were not only put into creating ransomware decrypters, rest assured. Emsisoft actually celebrated a series of major software releases that introduced a number of great evolvements, to make sure you as a customer stay protected from all types of online threats from viruses to trojans and unwanted programs.

Emsisoft Anti-Malware & Emsisoft Internet Security 12

This year’s major release of Emsisoft Anti-Malware, and its firewall-enhanced brother Emsisoft Internet Security, added an improved behavior blocker, specifically trained to block ransomware better than any specialized anti-ransomware tools. Our lab also extended the capabilities of our dual scan engine for a much smarter detection and cleaning of potentially unwanted programs, adware and other data collectors. The Anti-Malware Network file database grew to a quarter billion known bad files, allowing the behavior blocker and scanner to make better threat decisions and avoid wrong detections. Revised extended whitelisting and a new notifications system provide even more flexibility in everyday use of the software. View version 12 improvements.

Emsisoft Enterprise Console 12

With the new Emsisoft Enterprise Console tool we now offer an efficient and easy way for system administrators to manage protection for smaller and larger organizations. Best of all, it’s available free of charge, without a catch. Use it to monitor malware findings across your network from a central place, deploy protection in batches, and manage software settings and user permissions in groups. View version 12 improvements.

Emsisoft Emergency Kit 12

Here at Emsisoft we know that almost all users who once try our high-quality software stay with us for a very long time. But most people already have some sort of (free) antivirus software installed on their computers and are hesitant to replace it with something new. That’s why we provide our awarded malware scanner technology as a portable toolkit called Emsisoft Emergency Kit – ideal to get a free second opinion. It doesn’t require any installation and can run next to any other antivirus software. So if your friends and family members call you to fix their infected computer, you know how to get it clean again. View version 12 improvements.

Emsisoft Mobile Security 3

We partnered with mobile segment leader Bitdefender to bring you the best mobile protection available incorporated as Emsisoft Mobile Security. Bitdefender’s technology is highly regarded in the industry earning 100% from AV-Test and best in test rankings from other test labs. Our partnership gives you the best of both worlds; the best mobile protection on the market bundled with our award-winning Emsisoft Anti-Malware. View version 3 improvements.

Tested and awarded by AV-Test, AV-Comparatives, VirusBulletin and AVLab

In 2016, Emsisoft Anti-Malware was for the first time tested by all major antivirus testing organizations. They all confirmed our excellent protection capabilities, awarding us with numerous certifications: Multiple AV-Test certifications with best possible ratings in Protection and Usability; AV-Comparatives with best possible ratings in multiple File Detection and Performance tests and also a Top Product of the Year award; VirusBulletin with VB100 awards in all 4 Windows tests conducted this year; and best possible rating in AVLab tests.

Emsisoft in a nutshell: Authenticity, ethics, reliability, availability

We’d like to thank all those hundreds of customers who sent us messages like these this year:

Your actions and help with this issue again reinforces the strong customer relations that are key to your success (as well as your excellent security products and focus on being the best). – Mark, USA


I just wanted to take this opportunity to applaud your customer service. I was having a problem reinstalling Emsisoft & finally contacted support. Since it was Sunday, I didn’t really expect to hear anything until Monday. David Biggar contacted me at 5:16 Sunday evening. This man went way above & beyond what I have experienced with support people at other companies. – Peggy , USA


As a blind computer user who needs a screen reader to use my computer, I am very pleased with the efforts made by Emsisoft to improve the accessibility in Emsisoft. – Sven, Netherlands


Emsisoft stand heads and shoulders above many other companies, of any kind, when it comes to the quality of their product and their Customer service department. Dealing with you has always left me with the impression of the days gone by, when people used to be nicer to each other and a handshake was enough to confirm an agreement. Your company is a terrific example of how things should be done. And it is a tribute to the calibre of all of you, gentlemen, who make this experience possible. Hats off! – Josef, Canada


Emsisoft AntiMalware was the best money I ever spent for a security product. – A forum user

Continuously providing reliable security strategies

During the past year, our internationally distributed team of 40 has increased their efforts in making sure you can stay safe online. We don’t see security as a ‘thing’ that can be sold. It’s a process that requires more than just a great protection software.

Knowledge is key to safety

Our aim is to equip you with the relevant security knowledge so you can make better decisions in everyday situations. Our talented security writers created dozens of high-quality articles on various topics such as How to avoid tech support scammers, Popular WhatsApp scams, How identity theft works, Three misconceptions surrounding firewalls, and the question whether the use of public wi-fi is safe or not. Additionally we started the Emsisoft.TV YouTube channel where you can watch the Emsisoft protection components blocking real world malware attacks.

Best method to keep malware out: Prevention & Backup

Never make cleaning the core element of your security strategy. While malware in the old days was easy to remove file by file, today’s threats hook deeply into the operating system, making it almost impossible to remove them without causing further damage or side-effects. Our advise on this is clear: Once a system was infected, you can’t trust it anymore. You have to wipe and rebuild the system because you never know what configuration changes malware did, which will continue to make your computer vulnerable, even if the malware itself is long gone. Always make sure you have working backups of your data available, because once encrypted with ransomware, chances are that you’ll never be able to get your files back.

What’s to come in 2017?

Ransomware will certainly stay on our screen for some more time. It will be more advanced with fewer mistakes made, making it harder or even impossible for us to create decrypters. On the other hand we are confident that even the most remote living folks will sooner or later get to know about ransomware and how to take basic measures to prevent it.

The past year showed us how vulnerable many websites are. We recently saw a record-breaking data theft of 1 billion (!) Yahoo user accounts. It can be expected that more events like that will pop up on IT security news portals in the upcoming year, so be careful who you provide your personal data.

If we had to make a prediction of what’s coming up, we would estimate that stolen data will be more and more used as leverage for ransom payments. “Do you want your complete medical records to show up on google or do you prefer to pay a couple hundred dollars of ransom?”. We’ll see questions like that from the bad guys probably very soon.

On the technical side, we have some amazing projects on our to-do list for the upcoming year. Sorry we can’t reveal any details on those yet (competition is listening!), but those improvements will mainly focus on better protection, usability enhancements and speed. Our aim is still to create the best possible online threat protection while caring about your privacy. Malware never sleeps, and nor do we.


Have a great, malware-free year ahead!



Christian Mairoll, CEO Emsisoft


  • joseph von braun

    As a computer user since 1995 I went through many antivirus programs.
    Now last 3 years I am with Emsisoft and without wasting many words can just say
    You people in Emsisoft are unreal,not only that your program is very good in all aspects whats more and most important you do CARE.
    I wish all of you Happy NEW YEAR 2017 and to all your fans as you say MALWARE-FREE YEAR !

  • Definitely true about support going above and beyond and being really leagues away from what one has come to expect from support anywhere.
    Must say that rather only applies to what support can actually do though, as once it’s a matter that needs to be sorted out by devs, fixes may take a very long time and changes seem to probably never happen, or if anything are made in the opposite direction.
    On that note, my top wishlist item remains the same: Separating between definitions and program updates, and prompting on program updates and the ability to refuse/delay until you’re good and ready for it, preferably also with the ability to say don’t notify again for a certain amount of time going up to at least a full day. (As for the argument that sometimes definition handling changes, there must be some leeway since you have the beta/stable/delayed streams, and if it comes to a point where a newer version is required that can be added as a message, notifying the user they will no longer get definitions updates either until they do the program update, which is still a choice.) No longer requiring a system restart for a program update is great, but really don’t want updates to such a major system component whenever it feels like it. Those must only happen when I choose to let them happen, period, no ifs or buts. The main reason I said I’ll never touch Win10 after all.
    Past that, still want a reversal of the auto game mode introduced in 11.8 or whenever it was (for me, being on delayed, it was when 11.10 was pushed on that stream as well). Yes, it is good that you can disable the changes applied, but not enough. If you want to make it load an alternate configuration when certain conditions are met instead of only manually, allow the conditions to be set by the user, with “whenever an application is in full screen” as default but also being able to load it when specific applications are running even when not in full screen, or (if that default is disabled) only when specific applications are running in full screen, or of course never, manual only as it used to be. And then if you want to go even further, make this alternate configuration a full alternate configuration, in case somebody for example wants to lower or disable file guard or behavior analysis when something very resource-intensive is running, or for the IS in case someone wants a certain program to get full network access when running and therefore would set the alternate configuration firewall to block anything except it. But first order of business, make it possible to get back to manual only, thanks!
    And now the third thing showed up since v12, with scanning taking twice as long. Granted, see improvements to that listed, but being on delayed they didn’t get to me yet, but this is something that can be handy at any point really and I just thought of it after v12 hit because that’s when a scan ended up taking about 1h and it was an issue: An option to not update while scan is in progress would be useful.

  • Mangalore Cafe

    Where do they ask the money to be deposited? It has to be a bank account. Then why are they not caught. Maybe not if they ask ransom from a common man but from a company definitely they can traced and caught.
    I think this is why bitcoin become popular its backed by all these hackers and criminals. They need an untraceable currency.
    Otherwise I was always wondering how did “play money”(that is what bit coin was. gaming money that became mainstream. Gamers buy gaming money paying real money, while some gamers played well and earned that money. So some smart gamer dude most probably like the gaming store decided to take gaming money instead of real money because he knew there were enough people to pay him cash and he obviously made a profit. Like if 1000 Gaming money cost 10$ to buy through the game. The gaming store guy gave something costing 3or 5$ for 1000 Gaming money and then would have sold it for 7$ or even 10$. This is how bitcoin evolved when there were enough people ready to buy this online gaming money for less that they would have to pay to buy it from game developers). become so popular and you had so many people talking like it was real money and the future of money. Now we know these scamsters are behind it.