SonicWall announces 2018 Cyber Threat Report
Internet security company SonicWall recently announced its 2018 Cyber Threat Report, which recorded approximately 9.32 billion malware attacks and over 12,500 new common vulnerabilities and exposures (CVE) in 2017.
The report sources information from over one million security sensors in about 200 countries and territories. The purpose of the report is to compare and contrast efforts made by cybersecurity professionals and global cyber criminals, according to SonicWall.
While a slew of data breaches made news headlines last year, the report found that expectations of more ransomware attacks were not realized. Full-year data shows that ransomware attacks decreased from 638 million to 184 million between 2016 and 2017. About half (46%) of ransomware attacks in 2017 were targeted at the Americas.
“We believe there are many contributing factors, including the fact that in several high profile instances, companies paid the ransom and then their data was not restored,” John Gordineer, director, product marketing, SonicWall, told RCR Wireless News in an email exchange. “Add to that the fact that security professionals and government organizations typically recommend that victims not pay a ransom. And finally, many businesses have implemented more robust protection against ransomware attacks as well as data backup and recovery solutions, making them less likely to become a victim or need to pay ransoms.”
Although ransomware decreased significantly year-over-year, the report found the number of ransomware variants continues to grow since 2015, increasing 101.2% in 2017. The authors of the report expect ransomware against IoT and mobile devices to increase this year as well.
The authors of the report also noted that cyber criminals continue to encrypt their malware to sidestep security controls. Encryption involves translating data into a different code, so that only users with a specific password can access the text. Without secure sockets layer (SSL) decryption capabilities, the authors of the report noted the average organization will see almost 900 file-based attacks per year hidden by SSL and transport layer security (TLS) encryption.
As to whether encryption traffic has made networks more or less secure, Gordineer said, “The growth of encrypted traffic is helping make networks more secure, however, cyber perpetrators will continue to use encryption to hide attacks in 2018. Encrypted malware can’t be ignored. Organizations must implement SSL decryption, inspection and mitigation capabilities into their security strategy to properly guard against these threats.”
Additionally, the report discovered cyber criminals are extending to new technological territories, especially chip processors. The report found malware writers implement advanced techniques, such as custom encryption, obfuscation and packing, as well as acting benign within sandbox environments, to allow malicious behavior to stay hidden in memory, according to the report.
The authors noted that law enforcement agencies are having an impact by arresting and convicting cyber criminals. Because of these efforts, cyber criminals are being more careful with cryptocurrency wallets and using different transaction currencies. Cooperation between national and international law enforcement agencies is also helping to combat global cyber threats.
Commententing of on what companies can do to help protect against these kind of cyber vulnerabilities, Gardineer said: “In the evolving cybersecurity landscape, vulnerabilities are bound to occur unexpectedly. To combat these attacks, organizations need to develop cybersecurity strategies that are more layered and dynamic to ensure more holistic protection. This includes next-generation firewalls, email security solutions, real-time cloud sandboxing, secure mobile access controls, and wireless access points.”