- Company publishes mid-year update of 2018 SonicWall Cyber Threat Report, finds more than 5.99 billion total malware attacks, up 102 percent, in the first six months of 2018
- Ransomware back in big way, 181.5 million attacks since January, a 229 percent year-to-date increase
- Encrypted threats up 275 percent over last year
- Company’s Real-Time Deep Memory InspectionTM (RTDMI) technology now stops Spectre chip-based attacks
- RTDMI stopped more than 12,300 never-before-seen variants in 2018
SonicWall has announces record numbers for malware volume, ransomware attacks, encrypted threats and chip-based attacks in the mid-year update of the 2018 SonicWall Cyber Threat Report.
“The cyber arms race is moving faster than ever with bigger consequences for enterprises, government agencies, educational and financial institutions, and organisations in targeted verticals,” said SonicWall CEO Bill Conner. “SonicWall has been using machine learning to collect, analyse and leverage cyber threat data since the ‘90s. This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time breach detection and prevention to our global partners and customers.”
SonicWall publishes its monthly cyber threat intelligence via a public-facing resource, Capture Security Center, on the company’s website. The cloud-based tool offers the ultimate in visibility, agility and capacity to govern entire SonicWall security operations and services with greater clarity, precision and speed — all from a single pane of glass.
“Real-time cyber threat intelligence is more critical than ever as cybercriminals continue to find new attack vectors — like encrypted and chip-based attacks,” said Chad Sweet, Chief Executive Officer at The Chertoff Group, a global advisory focused on security risk management. “To stay protected in the cyber arms race, organisations must use every tool in their security toolbox, particularly technology that delivers the necessary visibility to enhance an organisation’s security posture.”
Malware Volume Still Climbing from 2017’s Record Highs
The malware boom of 2017 has shown no signs of stopping through the first half of 2018. SonicWall Capture Labs threat researchers recorded 5.99 billion malware attacks during the first two quarters of the year. At this same point in 2017, SonicWall logged 2.97 billion malware attacks.
On a month-to-month basis in 2018, malware volume remained consistent in the first quarter before dropping to less than 1 billion per month across April, May and June. These totals were still more than double that of 2017.
Ransomware Back in Big Way
Published in March’s original report, SonicWall Capture Labs threat researchers found that ransomware attacks dropped significantly — from 645 million to 184 million — between 2016 and 2017.
SonicWall now shows ransomware attacks surging in first six months of 2018. There have been 181.5 million ransomware attacks year to date. This marks a 229 percent increase over this same time frame in 2017.
Encrypted Attacks Ascend to Record Highs
The use of encryption continues to grow for legitimate traffic and malicious cyberattacks alike. In 2017, SonicWall reported that 68 percent of sessions were encrypted by SSL/TLS standards. Through six months of 2018, 69.7 percent of sessions are leveraging encryption.
Cybercriminals are strategically following this trend to help prevent their malicious payloads from being discovered. Encrypted attacks increased 275 percent when compared to this time in 2017.
“Encrypted attacks are a critical challenge in the industry,” said Conner. “Far too few organisations are aware that cybercriminals are using encryption to circumvent traditional networks security controls, and others aren’t activating new mitigation techniques, such Deep Packet Inspection of SSL and TLS traffic (DPI-SSL). We predict encrypted attacks to increase in scale and sophistication until they become the standard for malware delivery. And we’re not that far off.”
SonicWall Now Blocks Spectre Chip-Based Attacks
The SonicWall Real-Time Deep Memory Inspection (RTDMITM) technology now protects customers from Spectre chip-based attacks. SonicWall Capture Labs threat researchers validated RTDMI mitigation against Spectre variants and false positives in production.
“With the constantly changing and unpredictable threat landscape, it is vital that cybersecurity leaders build innovative and adaptable solutions to better protect their customers,” said Wias Issa, Vice President and GM of Asia Pacific, Japan at SonicWall. “Cyber-criminals are getting more sophisticated with their attacks. We are now seeing more weaponised code that entails complexities and advanced custom encryption techniques. These attacks then expose, detonate, and wipe the weaponised code from memory in real time.”
Since January 2018, RTDMI has identified and blocked more than 12,300 never-before-seen cyberattacks and malware variants.
Included in the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, RTDMI identifies and mitigates even the most insidious cyber threats where weaponry is exposed for less than 100 nanoseconds. RTDMI protects against chip-based attacks like Meltdown and Spectre, as well as attacks leveraging PDFs and Microsoft Office documents.
“A majority of industry sandbox solutions that companies rely on do not perform true real-time analysis of malware. Periodically, sandboxes “blink” and miss small amounts of sophisticated attacks that could expose customers to debilitating threats,” said Issa. “SonicWalls’ RTDMI provides next level technology that doesn’t blink and thus isn’t at risk to missing threats and will block sophisticated attack vectors, protecting customers in real time.”
The SonicWall Capture Threat Network
Data for the 2018 SonicWall Cyber Threat Report mid-year update was gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories; cross‐vector, threat‐related information shared among SonicWall security systems, including firewalls, email security, endpoint security, honeypots, content-filtering systems; SonicWall Capture Advanced Threat Protection multi‐engine sandbox; and SonicWall’s internal malware analysis automation framework.
To download the mid-year update of the 2018 SonicWall Cyber Threat Report, please visit sonicwall.com/ThreatReport.
For More Information
To learn more about SonicWall, or to partner with us, please visit:
About SonicWall
SonicWall has been fighting the cyber-criminal industry for over 26 years defending small, medium-size businesses and enterprises worldwide. Backed by research from SonicWall Capture Labs and the formidable resources of over 26,000 loyal channel partners around the globe, our award-winning, real-time breach detection and prevention solutions secure more than a million business and mobile networks and their emails, applications and data. This combination of products and partners has enabled an automated real-time breach detection and prevention solution tuned to the specific needs of the more than 500,000 organisations in over 200 countries and territories. These businesses can run more effectively and fear less about security. For more information, visit www.sonicwall.com.
