A team of threat researchers from SonicWall Capture Labs has been collecting and analysing threat data from over one million sensors based in different geographies.
Their research has indicated an escalation in the volume of cyber attacks, while also identifying new, targeted cyber attacks and threat tactics used by cybercriminals.
“Cyber perpetrators are not letting up in their relentless pursuit to illegally obtain data, valuable information and intellectual property,” said Bill Conner, president and CEO, SonicWall. “We must be unyielding in this cyber arms race. Sharing vital threat information with our customers and partners provides them a tactical advantage. But it’s also important to arm those at the forefront of this battle with this intelligence, promote global awareness of the threat landscape and continue to facilitate important dialogue around today’s most prevalent cyber threats.”
Processor vulnerabilities — a growing concern
In the wake of vulnerabilities like Spoiler, PortSmash, Foreshadow, Meltdown and Spectre that can lead to side-channel attacks, SonicWall threat researchers have deemed processor vulnerabilities a growing security concern for both software and hardware technologies, which could have ‘unprecedented’ ramifications.
SonicWall identified 74,290 never-seen-before attacks in 2019. These variants were so new, unique and complex that they were without a signature at the time of discovery and included detection of multiple side-channel attacks.
Fighting fire with fire
Network defences are increasing in sophistication with the integration of technologies, such as artificial intelligence.
However, as these improve, so too does the anonymity of attacks, which now include the targeting of non-standard ports to ensure payloads are concealed upon delivery. Based upon a sampling of more than 700 million malware attacks, the research revealed that 19.2% of malware attacks used non-standard ports, a year-over-year increase of 8.7%.
“The concern over security and privacy is more prevalent than ever before. Industry and government must collaborate to build a more secure environment, mitigate risk, and build citizen trust in government and consumer trust in business,” said Michael Chertoff, executive chairman and co-founder of The Chertoff Group, and former US Secretary of Homeland Security.
“This report provides critical analysis into the evolution of cyber adversaries’ threat tactics and methods. As organisations increasingly rely on metrics to understand and forecast risk, this intelligence will help enterprises and governments make informed decisions on their security investment.”
The trojan horse
PDFs and Office files are everyday operating tools for organisations of all sizes and across all industries.
But cybercriminals are now leveraging these trusted files to circumvent traditional firewalls and single-engine sandboxes to deliver malware.
SonicWall discovered threats in over 47,000 PDFs and almost 51,000 Office files in 2018. This presents a growing problem, as most security controls cannot identify and mitigate the hidden malware contained in the files.
• 10.52 billion malware attacks were blocked in 2018, the most ever recorded to date by SonicWall.
• 217.5% increase in IoT attacks in 2018.
• More than 2.8 million encrypted malware attacks were blocked in 2018, a 27% year-over-year increase from 2017.
• 11% year-over-year increase in ransomware attacks.
• 56% increase in web app attacks.
• 3.9 trillion intrusion attempts.
“The escalation of cyber threats may not come as a huge shock to those of us in the industry, however that doesn’t make it less alarming for businesses and consumers alike,” says Conner.
“SonicWall’s annual report has yielded figures which hardly allow for defenses to slacken: everyone who owns a computer is at risk of falling victim to an attack with potentially nefarious consequences.
“The casual adoption of IoT devices with little consideration overall for security measures means that the Internet of Things is more vulnerable than ever. This year’s 217% rise in IoT attacks, as discovered by SonicWall’s RTDMI™ engine, indicates that the attack that could eventually target Critical National Infrastructure, with potentially devastating consequences for states, organisations and citizens, is edging ever closer.
“We see ransomware drastically down in the UK, however in my experience, this has been followed by a period of heightened attacks once businesses have been lulled into a sense of feeling overly secure. Nation-state actors are vying for dominance, and attack vectors multiply by the minute. The cyber arms race rages on, and ignoring it comes at a cost that not a single organisation or government can afford.
“Strengthening intelligence collaborations is paramount, as is adopting a multi-layered approach to cybersecurity strategies, something that has already proved critical in strengthening cyber defence.”
The annual report is a result of SonicWall Capture Labs threat researchers analysing data from over 200,000 malicious events and malware samples daily to compare and document online criminal activity.