Malware Attacks Drop As Encrypted Attacks Increase

Cyber criminals and nation-state hackers now operate as stealthily as possible to accomplish their missions: so far in 2019, malware and phishing are down and encrypted attacks are up.

Specifically, malware attacks decreased by 20%, at 4.78 billion; phishing attacks fell by 18%, at 8.3 million; and encrypted attacks jumped 76%, at 2.4 million, according to new data released by SonicWall, which gathered attack data from its security sensors sitting in more than 200 countries.

Ransomware, meanwhile, is still hot thanks to the broad availability of ransomware-as-a-service offerings, rising 15% worldwide, and up a whopping 195% in the UK.

"There are only so many bad guys coding, so they are recoding and repackaging" now, says Bill Conner, CEO of SonicWall, talking to Dark Reading.

"Malware might be down, but it's getting more malicious and nefarious in terms of the type of malware and how it's coming in."

Much of the malware decline has to do with the popularity of so-called fileless attacks and attackers using legitimate Windows and security tools to drill down deeper into their victim's network. Some regions had very different stats, the study found: the US experienced the most dramatic drop in malware attacks, 17%, while Switzerland was hit with a 72% jump in malware attacks.

Attackers are also abusing encrypted channels such as HTTPS and SSL-based VPN channels to camouflage their traffic and malicious code. SonicWall has seen some 1,100 encrypted attack attempts per day per customer, Conner says. Many organisations mistakenly assume encrypted traffic is legit traffic, he notes.

The attackers are able to place malware in a file and "come through that Web channel and via that VPN," he explains. "They either go to the HTTPS site or right to the end user's desktop."

Encryption abuse has long been a worry for organisations unsure how to efficiently monitor encrypted traffic. Gartner previously estimated that half of cyberattacks using malware in 2019 would employ some type of encryption, and that 70% would do so by 2020. Meanwhile, many security tools cannot detect malware hidden in SSL.

SonicWall's sensors spotted 13.5 million attack attempts on Internet of Things devices in the first half of this year, a nearly 55% increase, and crypto-jacking attacks jumped by 9% after a temporary lull, according to the report. Crypto-jacking isn't going anywhere now that the price of bitcoin and Monero digital currencies is on the rise, Conner notes.

The drop in phishing attacks is really more about these campaigns becoming more targeted and sophisticated. "Now they're going after the C suite, finance, and HR people," he says.

Sources: Dark Reading, SonicWall
