- Ransomware volume up 15% globally year to date
- Encrypted threats spike 76%
- IoT malware attacks up 55%
- Malware attacks across non-standard ports dips to 13%
- With bitcoin value spiking, cryptojacking volume up 9%
MILPITAS, Calif. — July 24, 2019 — SonicWall today announced the findings from its mid-year update of the 2019 SonicWall Cyber Threat Report, based on real-world data from more than 1 million international security sensors in over 200 countries. New data found an escalation in ransomware-as-a-service, open-source malware kits and cryptojacking used by cybercriminals.
“Organizations continue to struggle to track the evolving patterns of cyberattacks — the shift to malware cocktails and evolving threat vectors — which makes it extremely difficult for them to defend themselves,” said SonicWall President and CEO Bill Conner. “In the first half of 2019, SonicWall Real-Time Deep Memory Inspection (RTDMI) technology unveiled 74,360 ‘never-before-seen’ malware variants. To be effective, companies must harness innovative technology, such as machine learning, to be proactive against constantly-changing attack strategies.”
Ransomware-as-a-Service: The Exploit Kit of Choice
While global malware volume is down 20%, SonicWall Capture Labs threat researchers found a 15% increase in ransomware attacks globally and a 195% surge in ransomware within the United Kingdom. SonicWall threat researchers accredit this to criminals’ new preference of ransomware-as-a-service (RaaS) and open-source malware kits.
IoT Dispersing Malware at Record Pace
As businesses and consumers continue to connect devices to the internet without proper security measures, IoT devices have been increasingly leveraged by cybercriminals to dispense malware payloads. In the first half of 2019, SonicWall observed a 55% increase in IoT attacks, a number that outpaces the first two quarters of the previous year.
Bitcoin Run Keeping Cryptojacking in Play
Cryptojacking volume hit 52.7 million for the first six months of the year, a 9% increase over the last six months of 2018. This rise can be partially attributed to the rise in bitcoin and Monero prices, helping cryptojacking stay relevant as a lucrative option for cybercriminals. Coinhive remains the top cryptojacking signature despite the service closing in March 2019. One reason for the high detection is that compromised websites have not been cleaned since the infection, even though the Coinhive service is non-existent and the URL has been abandoned.
Attacks Against Non-Standard Ports Still A Concern
Cybercriminals have their sights set on non-standard ports for web traffic as a manner to deliver their payloads undetected. Based on a sample size of more than 210 million malware attacks recorded through June 2019, Capture Labs monitored the largest spike on record since tracking the vector when one quarter of malware attacks came across non-standard ports in May 2019 alone.
Malicious PDFs, Office Files Remain Dangerous to Businesses
Traditional PDFs and Office files continue to be routinely leveraged to exploit users’ trust and experience to deliver malicious payloads. In February and March 2019, SonicWall Capture Labs threat researchers found that 51% and 47% of ‘never-before-seen’ attacks, respectively, came via PDFs or Office files.
To download the complete report, please visit www.sonicwall.com/ThreatReport. For current cyberattack data, visit the SonicWall Security Center to see latest attack trends, types and volume across the world.
SonicWall has been fighting the cybercriminal industry for over 27 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.