2018 SonicWall Cyber Threat Report

Threat intelligence, industry analysis and cybersecurity guidance for the global cyber arms race.

We are engaged in a cyber arms race, pitting the cybersecurity industry against those who seek to profit from cybercrime. This is a challenge we face together. And this is the core reason SonicWall is committed to passing its findings, intelligence, analysis, and research to the global public via the SonicWall Threat Report.

The modern cyberwar — against governments, businesses, and individuals alike — is comprised of a series of attacks, counterattacks, and respective defensive countermeasures. Many are simple and effective. Others are targeted and complex. Yet, they are all highly dynamic and require persistence, commitment, and resources to mitigate. And they will not go away.

Data for the 2018 SonicWall Cyber Threat Report was gathered by the SonicWall Capture Labs Threat Network, which sources information from global devices and resources, including:

• More than 1 million security sensors in nearly 200 countries and territories.
• Cross‐vector, threat‐related information shared among SonicWall security systems, including firewalls, email security devices, endpoint security solutions, honeypots, content filtering systems, and the SonicWall Capture Advanced Threat Protection multi‐engine sandbox.
• SonicWall internal malware analysis automation framework.
• Malware and IP reputation data from tens of thousands of firewalls and email security devices around the globe.
• Shared threat intelligence from more than 50 industry collaboration groups and research organizations.
• Intelligence from freelance security researchers.

Best Practices & Final Takeaways

Each year presents new and exciting developments that define the state of the cyber arms race and cybersecurity industry. These advances drive the actions of each organization, business, government, and individual. Unsurprisingly, 2017 was no different. While threat actors and cybercriminals are sophisticated, agile, and well-funded, the public and private sectors are turning the tide in the cyberwar.

This report includes the following 2018 predictions about:

• Meltdown & Spectre Exploits
• PDF & Microsoft Office
• Infostealers (by malware)
• New Ransomware Tricks
• The surge in Encrypted Attacks
• Proactive IoT Malware
• Malicious Cryptocurrency
• Consumer IoT Attacks (botnet-based attack)

The report concludes that this is a war, not just a battle. To survive the cyberwar, organizations must ensure they’re leveraging the proper security tools, services, and solutions to protect their brand, data, and customers appropriately. What was once a must-have capability two or three years ago could be outdated today. Security solutions, appliances, and strategies must be continually optimized or evaluated to ensure that they are layered, integrated, intelligent, and versatile.

The attached 25-page report includes detailed infographics and diagrams with a complete list of hyperlinked sources.