Mid-year 2019 SonicWall Cyber Threat Report outlines major spikes in various threats
SonicWall’s mid-year 2019 Cyber Threat Report cites alarming spikes of 76% and 55% in encrypted and IoT attacks, respectively. The company also reported a 15% increase in global ransomware attacks, with ransomware as a service cited as the exploit kit of choice.
Says Ruan du Preez, business development manager at official SonicWall distributor, Drive Control Corporation (DCC): “SonicWall’s Cyber Threat Report clearly dispels the thinking that ransomware has become an outdated tactic. The report clearly shows a 15% increase to date, which demonstrates that ransomware remains a very real threat and should be addressed proactively.”
While malware attacks have decreased by 20% – good news undoubtedly – the number of variants has shown a worrying increase, says the report. SonicWall’s multi-engine Capture Advanced Threat Protection (ATP) cloud sandbox exposed 194 171 new malware variants at a pace of 1 078 new variant discoveries each day. This also marks a rapid year-to-date increase of 45% compared to 2018.
The new variants are only part of the story, says the report; coupled with Capture ATP, SonicWall Real-Time Deep Memory Inspection (RTDMI) unveiled 74 360 ‘never-before-seen’ malware variants during the first half of the year.
Interestingly, traditional PDFs and Office files were often used to deliver these malicious payloads. Says the report: “In February and March 2019, SonicWall Capture Labs threat researchers found that 51% and 4% of ‘never-before-seen’ attacks, respectively, came via PDFs or Office files. Other months saw less volume, particularly compared to the spikes witnessed during the latter part of 2018.”
SonicWall found that these numerous cases of unique variants leveraged different forms of PDF file types to launch their exploits. These included:
- Scams and fraud: These PDF-based fraud campaigns include links to scam sites that aren’t malware, by definition, but are very malicious and encourage users to visit seemingly “safe” Web sites.
- Malicious URL: These attacks contained standard PDF files with malicious links that download the next stage of a malicious Office file (or another level of misdirection). The final payload in this example is Emotet, a true malware.
- Phishing: These “phishing style” attacks offer a PDF with direct links to either malware downloads or phishing sites.
Lastly, when looking at IoT, the report remarks that businesses and consumers continue to connect devices to the Internet without proper security measures. Devices are therefore increasingly leveraged by cyber criminals to dispense malware payloads.
The complete 2019 SonicWall Cyber Threat Report is available for download here: https://www.sonicwall.com/lp/2019-cyber-threat-report-lp/.