Story image

2018 sees surge in encrypted attacks, malware & ransomware

12 Jul 18

2018 is turning out to be a year of encrypted threats, ransomware, and soaring volumes of malware, leading experts to warn businesses that they will need every security tool in their toolbox to keep threats at bay.

SonicWall’s 2018 Cyber Threat Report defines the situation as a ‘cyber arms race that moves with great agility and purpose’ – and SonicWall CEO Bill Conner says that as the race gets faster it brings bigger consequences for enterprises, government agencies, and businesses in sectors including education and finance.

The report says that even though we’re only halfway through 2018, the volume of malware attacks (5.99 billion so far) is on track to exceed last year’s total of 9.32 billion.

“With the constantly changing and unpredictable threat landscape, it is vital that cybersecurity leaders build innovative and adaptable solutions to better protect their customers,” comments SonicWall VP and GM of Asia Pacific, Wias Issa.

“Cyber-criminals are getting more sophisticated with their attacks. We are now seeing more weaponised code that entails complexities and advanced custom encryption techniques. These attacks then expose, detonate, and wipe the weaponised code from memory in real time.”

Encrypted attacks (those that use SSL/TLS standards) have increased 275% year-to-date increase over 2017 from 1.4 million encrypted attacks across the world.

These attacks are becoming more common as more internet sessions (67.9%) leverage encryption as part of their traffic flow.

The report says that, “Without the ability to inspect encrypted traffic during this 12-month span, the average organization would have missed more than 900 file-based attacks per year hidden by TLS/SSL encryption.”

Conner adds that encrypted attacks are a critical challenge that the industry faces.

“Far too few organisations are aware that cybercriminals are using encryption to circumvent traditional networks security controls, and others aren’t activating new mitigation techniques, such Deep Packet Inspection of SSL and TLS traffic (DPI-SSL). We predict encrypted attacks to increase in scale and sophistication until they become the standard for malware delivery. And we’re not that far off.”

With so much focus on the topic of ransomware over the last few years, the report suggests that businesses should not forget about the virulent malware, as 2018 brought a major resurgence in attacks.

Between 2016 and 2017 attacks dropped from 645 million to 184 million, but so far 2018 has already seen 181.5 million attacks.

2018’s newest ransomware variants include Gandcrab, BitPaymer, Sigrun, PUBG, Satan, Lockcrypt, UselessDisk, Godra, InsaneCrypt, Genasom, and Xorist.

SonicWall also recognises the dangers surrounding Spectre-based chip attacks. SonicWall Real-Time Deep Memory Inspection now blocks those attacks.

“SonicWall has been using machine learning to collect, analyse and leverage cyber threat data since the 90s. This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time breach detection and prevention to our global partners and customers,” Conner concludes.

Data for the 2018 SonicWall Cyber Threat Report mid-year update was gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than one million security sensors in nearly 200 countries and territories; cross‐vector, threat‐related information shared among SonicWall security systems, including firewalls, email security, endpoint security, honeypots, content-filtering systems; SonicWall Capture Advanced Threat Protection multi‐engine sandbox; and SonicWall’s internal malware analysis automation framework.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.