Nation states are behind the spike in global malware and adding to the complexity of the cyber threat landscape.
Cyber… it’s complicated
There are so many different strains of malware, which impact different regions more or less severely, that it’s very hard to keep track of these threats. It is something that constantly evolves, with targeted and/or sporadic attacks.
Towards the end of last year, there was some good news. Levels of ransomware had actually dropped against UK organisations — this is because the government and the National Cyber Security Centre (NCSC) had committed to tackle this particular strain of malware following WannaCry’s historic attack on the NHS. The UK’s hand was forced. In the US, however, levels of ransomware had increased.
Today, as is the nature of cyber threats, the landscape is totally different.
In the latest report from SonicWall, it has revealed that in 2o19 the UK was the most hit region by ransomware. After enjoying a 59% decline in ransomware in 2018, the country saw ransomware volume jump by almost 200% year-to-date for the first half of the year.
The global volume of ransomware reached 110.9 million for the first half of 2019, a 15% year-to-date increase.
However, malware attacks are largely down in 2019, with a few exceptions like India recording a 25% increase. The US recorded a 17% decrease, France a decrease of 53% and Germany a decrease of 63% in malware activity.
“The makeup has got a lot more insidious. And the geographic focus has changed,” Bill Conner, CEO at SonicWall, explained to Information Age.
Who’s taking malware seriously? SonicWall’s CEO has the answers
Nation states
In 2019, more than ever, nation states are dictating the types of malware impacting different geographies.
“It’s not just the bad guys doing it, nation states are too. And the origin of a lot of it is Russian,” said Conner.
What motivations do countries have to send malware out into the world? Well, there are lots of different reasons; financial, intellectual property theft and sometimes for political disruption.
Nation states have multi-faceted reasons for engaging in ‘cyber espionage‘.
There’s a geographic diversity in the types of malware impacting different regions
Who knows what’s vulnerable
The reality is governments, enterprises and other businesses work on email, office docs and increasingly Office365 and pdfs. No one thinks those are vulnerable — “but the cybercriminals [state-sponsored or otherwise] now know how to defeat these traditional sandboxes,” continued Conner.
To mitigate this threat, Conner believes that we need more innovation, because “the bad guys” are innovating at a faster pace. “They’re putting sandboxes in at the deep level and trying to figure out how to go around it. They’re looking at pdf architectures and features and working out how to defeat them,” he said.
Protecting tech startups without compromising on innovation
Fostering innovation
“Organisations continue to struggle to track the evolving patterns of cyber attacks — the shift to malware cocktails and evolving threat vectors — which makes it extremely difficult for them to defend themselves,” said Conner in a press release ahead of the launch of SonicWall’s latest report. “In the first half of 2019, SonicWall Real-Time Deep Memory Inspection (RTDMI) technology unveiled 74,360 ‘never- before-seen’ malware variants. To be effective, companies must harness innovative technology, such as machine learning, to be proactive against constantly-changing attack strategies.”
There are no silver bullets, but it is of vital importance that tech startups and enterprises continue to innovate; in order to come up with solutions that mitigate and prevent this increasingly varied cyber threat cocktail. The government needs to support this, as do the larger enterprises with the significant R&D budgets.
“How do you help seed that, how do you have companies more innovation? How do you have small businesses understand you need to do six things to make yourself less targeted,” asked Conner?
“The UK and US government aren’t talking about that for SMEs. They talk about it with carriers, ISPs, large enterprises and banks, but we need to go back to what our our economy runs on — which is innovation in small businesses. We must encourage that.”
He then pointed to the GDPR, which has addressed some data privacy issues. But, now there is an obvious cyber problem, made worse by nation states, which has to be addressed — “the UK needs to figure out what the cyber DNA is as a government for SME startups and small businesses, because that’s what’s underpinning the economy and democracy,” he said.
Cyber security best practice: Definition, diversity, training, responsibility and technology
