Malware Attacks Drop As Encrypted Attacks Increase

Cyber criminals and nation-state hackers now operate as stealthily as possible to accomplish their missions: so far in 2019, malware and phishing are down and encrypted attacks are up.

Specifically, malware attacks decreased by 20% with 4.78 billions of them, phishing attacks, by 18% with 8.3 million, and encrypted attacks jumped 76% at 2.4 million, according to new data released by SonicWall, which gathered attack data from its security sensors sitting in more than 200 countries. 

Ransomware, meanwhile, is still hot thanks to the broad availability of ransomware-as-a-service offerings, rising 15% worldwide, and up a whopping 195% in the UK.

"There are only so many bad guys coding, so they are recoding and repackaging" now, says Bill Conner, CEO of SonicWall, taloing to DarkReading  

"Malware might be down, but it's getting more malicious and nefarious in terms of the type of malware and how it's coming in."

Much of the malware decline has to do with the popularity of so-called fileless attacks and attackers using legitimate Windows and security tools to drill down deeper into their victim's network. Some regions had very different stats, the study found: the US experienced the most dramatic drop in malware attacks, 17%, while Switzerland was hit with a 72% jump in malware attacks.

They're also abusing encrypted channels such as HTTPS and SSL-based VPN channels to camouflage their traffic and malicious code. SonicWall has seen some 1,100 encrypted attack attempts per day per customer, Conner says. Many organisations mistakenly assume encrypted traffic is legit traffic, he notes.

The attackers are able to place malware in a file and "come through that Web channel and via that VPN," he explains. "They either go to the HTTPS site or right to the end user's desktop."

Encryption abuse long has been a worry for organisations unsure how to efficiently monitor encrypted traffic. Gartner previously estimated that half of cyberattacks using malware in 2019 would employ some type of encryption, and 70% will do so by 2020. Meanwhile, many security tools cannot detect malware hidden in SSL.

SonicWall's sensors spotted 13.5 million attack attempts on Internet of Things devices the first of half of this year, a nearly 55% increase, and crypto-jacking attacks jumped by 9% after a temporary lull, according to the report. Crypto-jacking isn't going anywhere now that the price of bitcoin and Monero digital currencies is on the rise, Conner notes.

The drop in phishing attacks is really more about these campaigns becoming more targeted and sophisticated. "Now they're going after the C suite, finance, and HR people," he says.

Dark Reading:     SonicWall:

You Might Also Read:

WannaCry Has Not Gone Away:

 

« The Cyber Effect On Modern Warfare
Cyber Terrorism & Piracy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Puppet

Puppet

Puppet is a leader in IT automation. Our software helps DevOps securely automate configuration and management of machines and the software running on them.

Global Forum on Cyber Expertise (GFCE)

Global Forum on Cyber Expertise (GFCE)

GFCE is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

CTERA Networks

CTERA Networks

CTERA provides cloud storage solutions that enable service providers and enterprises to launch managed storage, backup, file sharing and mobile collaboration services using a single platform.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

Elysium Analytics

Elysium Analytics

Elysium Cognitive Security Analytics delivers the latest and most flexible security system to reduce cost and complexity while providing unmatched scalability.

Cyentia Institute

Cyentia Institute

The Cyentia Institute is a research & data science firm with a mission to advance knowledge in the cybersecurity industry.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

Evanssion

Evanssion

Evanssion is a value added distributor specialized in Cloud Native & Cyber Security across Middle East & Africa.

Tech Seven Partners

Tech Seven Partners

At TechSeven Partners, we provide a full suite of cyber security solutions for your business including network monitoring, onsite and cloud backup solutions, HIPAA or PCI compliance.

BIRD Cyber

BIRD Cyber

BIRD Cyber is a program to promote collaboration on cybersecurity and emerging technologies aimed at enhancing the cyber resilience of critical infrastructure.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.

Prophet Security

Prophet Security

Prophet Security empowers organizations to triage, investigate, and respond to alerts with unparalleled speed and accuracy.

SFY Information Technology

SFY Information Technology

SFY helps companies with Cyber Security and Managed IT, allowing them to focus on what really matters to them.

Luxembourg House of Cybersecurity (LHC)

Luxembourg House of Cybersecurity (LHC)

Luxembourg House of Cybersecurity (formerly SecurityMadeIn.lu) is the backbone of leading-edge cyber resilience in Luxembourg.