SonicWall has released the findings from its comprehensive 2018 Cyber Threat Report.
The company recorded a staggering 9.32 billion malware attacks in the year just gone with more than 12,500 new common vulnerabilities and exposures (CVE). And while the sheer number of ransomware attacks has fallen, SonicWall says it is more dangerous than ever before.
“The cyber arms race affects every government, business, organisation and individual. It cannot be won by any one of us,” says SonicWall CEO Bill Conner.
“Our latest proprietary data and findings show a series of strategic attacks and countermeasures as the cyber arms race continues to escalate. By sharing actionable intelligence, we collectively improve our business and security postures against today’s most malicious threats and criminals.”
“The risks to business, privacy and related data grow by the day — so much so that cybersecurity is outranking some of the more traditional business risks and concerns,” says Conner.
SonicWall says despite WannaCry, Petya, NotPetya and Bad Rabbit plastering the headlines around the world, the expectation of more ransomware attacks didn’t eventuate as anticipated.
With most browsers dropping support of Adobe Flash, no critical flash vulnerabilities were discovered in 2017. That, however, hasn’t deterred threat actors from attempting new strategies.
SonicWall says law enforcement (including the ciooperation of international agencies) is having an impact with key arrests of cybercriminals continuing to help disrupt malware supply chains and the rise of new would-be hackers.
“Stabilising the cyber arms race requires the responsible, transparent and agile collaboration between governments, law enforcement and the private sector,” says the Honorable Michael Chertoff, Chairman of the Chertoff Group and former U.S. Secretary of Homeland Security.
“Like we witnessed in 2017, joint efforts deliver a hard-hitting impact to cybercriminals and threat actors. This diligence helps disrupt the development and deployment of advanced exploits and payloads, and also deters future criminals from engaging in malicious activity against well-meaning organisations, governments, businesses and individuals.”
In 2017 Hackers and cybercriminals continued to encrypt their malware payloads to slip past traditional security measures.
“Industry reports indicate as high as 41 percent of attack or malicious traffic now leverages encryption for obfuscation, which means that traffic analysis solutions and web transaction solutions such as secure web gateways each must support the ability to decrypt SSL traffic to be effective,” wrote Ruggero Contu and Lawrence Pingree of Gartner.
SonicWall says cybercriminals are increasingly banding together to find strength in numbers, effectively open-sourcing their malware codes, creating unique and largely undetectable threats known as ‘malware cocktails’.
The growing sophistication of cybercriminals is certainly a topic of concern – we can only wait and see what 2018 will bring.