Malware Attacks Drop As Encrypted Attacks Increase

Cyber criminals and nation-state hackers now operate as stealthily as possible to accomplish their missions: so far in 2019, malware and phishing are down and encrypted attacks are up.

Specifically, malware attacks decreased by 20% to 4.78 billion, phishing attacks fell by 18% to 8.3 million, and encrypted attacks jumped 76% to 2.4 million, according to new data released by SonicWall, which gathered attack data from its security sensors sitting in more than 200 countries.

Ransomware, meanwhile, is still hot thanks to the broad availability of ransomware-as-a-service offerings, rising 15% worldwide, and up a whopping 195% in the UK.

"There are only so many bad guys coding, so they are recoding and repackaging" now, says Bill Conner, CEO of SonicWall, talking to Dark Reading.

"Malware might be down, but it's getting more malicious and nefarious in terms of the type of malware and how it's coming in."

Much of the malware decline has to do with the popularity of so-called fileless attacks and attackers using legitimate Windows and security tools to drill down deeper into their victim's network. Some regions had very different stats, the study found: the US experienced the most dramatic drop in malware attacks, 17%, while Switzerland was hit with a 72% jump in malware attacks.

They're also abusing encrypted channels such as HTTPS and SSL-based VPN channels to camouflage their traffic and malicious code. SonicWall has seen some 1,100 encrypted attack attempts per day per customer, Conner says. Many organisations mistakenly assume encrypted traffic is legit traffic, he notes.

The attackers are able to place malware in a file and "come through that Web channel and via that VPN," he explains. "They either go to the HTTPS site or right to the end user's desktop."

Encryption abuse has long been a worry for organisations unsure how to efficiently monitor encrypted traffic. Gartner previously estimated that half of cyberattacks using malware in 2019 would employ some type of encryption, and that 70% would do so by 2020. Meanwhile, many security tools cannot detect malware hidden in SSL.

SonicWall's sensors spotted 13.5 million attack attempts on Internet of Things devices in the first half of this year, a nearly 55% increase, and crypto-jacking attacks jumped by 9% after a temporary lull, according to the report. Crypto-jacking isn't going anywhere now that the price of bitcoin and Monero digital currencies is on the rise, Conner notes.

The drop in phishing attacks is really more about these campaigns becoming more targeted and sophisticated. "Now they're going after the C suite, finance, and HR people," he says.

Source: Dark Reading, SonicWall
