SonicWall announced the release of the 2019 SonicWall Cyber Threat Report that delivers an in-depth look at threat intelligence obtained from its more than 1 million sensors from around the world. Analyzed by the SonicWall Capture Labs, an elite team of threat researchers, threat data collected over the course of 2018 indicates an escalation in the volume of cyberattacks and new, targeted threat tactics used by cyber criminals.
“Cyber perpetrators are not letting up in their relentless pursuit to illegally obtain data, valuable information and intellectual property,” said Bill Conner, President and CEO, SonicWall. “We must be unyielding in this cyber arms race. Sharing vital threat information with our customers and partners provides them a tactical advantage. But it’s also important to arm those at the forefront of this battle with this intelligence, promote global awareness of the threat landscape and continue to facilitate important dialogue around today’s most prevalent cyber threats.”
In the wake of vulnerabilities like Spoiler, PortSmash, Foreshadow, Meltdown and Spectre that can lead to side-channel attacks, SonicWall threat researchers have deemed processor vulnerabilities a growing security concern for both software and hardware technologies, which could have unprecedented ramifications. SonicWall’s patent-pending Real-Time Deep Memory Inspection (RTDMI) identified 74,290 never-seen-before attacks in 2019. These variants were so new, unique and complex that they were without a signature at the time of discovery and included detection of multiple side-channel attacks.
As network defenses increase in sophistication, so do the anonymity of attacks that now include the targeting of non-standard ports to ensure payloads are concealed upon delivery. Based upon a sampling of more than 700 million malware attacks, SonicWall research revealed that 19.2 percent of malware attacks used non-standard ports, a year-over-year increase of 8.7 percent.
“The concern over security and privacy is more prevalent than ever before. Industry and government must collaborate to build a more secure environment, mitigate risk, and build citizen trust in government and consumer trust in business.” said Michael Chertoff, Executive Chairman and Co-Founder of The Chertoff Group, and former U.S. Secretary of Homeland Security. “This report provides critical analysis into the evolution of cyber adversaries threat tactics and methods. As organizations increasingly rely on metrics to understand and forecast risk, this intelligence will help enterprises and governments make informed decisions on their security investment.”
PDFs and Office files have long since been an everyday operating tool for organizations of all sizes and across all industries. Cybercriminals are now leveraging these trusted files to circumvent traditional firewalls and single-engine sandboxes to deliver malware. SonicWall’s multi-engine sandbox service discovered threats in over 47,000 PDFs and almost 51,000 Office files in 2018. This presents a growing problem, as most security controls cannot identify and mitigate the hidden malware contained in the files.
The annual report is a result of SonicWall Capture Labs threat researchers analyzing data from over 200,000 malicious events and malware samples daily to compare and document online criminal activity.
- 10.52 billion malware attacks were blocked in 2018, the most ever recorded to date by the SonicWall
- 217.5 percent increase in IoT attacks in 2018
- More than 2.8 million encrypted malware attacks were blocked in 2018, a 27 percent year-over-year increase from 2017
- 11 percent year-over-year increase in ransomware attacks
- 56 percent increase in web app attacks
- 3.9 trillion intrusion attempts