More Than 9.9 billion Malware Attacks Recorded in 2019

February 4, 2020

Malware and ransomware attack volume is down six percent and nine percent, due to more targeted attacks.

According to the 2020 SonicWall Cyber Threat Report, rapid response has proven to be invaluable when stopping the damage caused by cyber threats to systems, hardware, daily operations and brand reputation. The SonicWall service discovered nearly 440,000 malware variants in 2019 (1,200 per day), with findings reported to malware repositories two days ahead of public submissions. In addition, the company identified more than 153,000 never-before-seen malware variants.

Major findings of the report include:

Cybercriminals change approach to malware: ‘Spray-and-pray’ tactics that once had malware attack numbers soaring have since been abandoned for more targeted and evasive methods aimed at weaker victims. SonicWall recorded 9.9 billion malware attacks, a six percent year-over-year decrease.
Targeted ransomware attacks cripple victims: While total ransomware volume (187.9 million) dipped nine percent for the year, highly targeted attacks left many state, provincial and local governments paralyzed and took down email communications, websites, telephone lines and even dispatch services.
The Internet of Things (IoT) is a treasure trove for cybercriminals: Bad actors continue to deploy ransomware on ordinary devices, such as smart TVs, electric scooters and smart speakers, to daily necessities like toothbrushes, refrigerators and doorbells. SonicWall Capture Labs threat researchers discovered a moderate five percent increase in IoT malware, with a total volume of 34.3 million attacks in 2019.
Cryptojacking continues to crumble: The volatile shifts and swings of the cryptocurrency market had a direct impact on threat actors’ interest to author cryptojacking malware. The dissolution of Coinhive in March 2019 played a major role in the threat vector’s decline, plunging the volume of cryptojacking hits to 78 percent in the second half of the year.
Fileless malware targets Microsoft Office/Office 365, PDF documents: Cybercriminals used new code obfuscation, sandbox detection and bypass techniques, resulting in a multitude of variants and the development of newer and more sophisticated exploit kits using fileless attacks instead of traditional payloads to a disk. While malware decreased six percent globally, SonicWall observed that most new threats masked their exploits within today’s most trusted files. In fact, Office (20.3 percent) and PDFs (17.4 percent) represent 38 percent of new threats detected by Capture ATP.
Encrypted threats are still everywhere: Cybercriminals have become reliant upon encrypted threats that evade traditional security control standards, such as firewall appliances that do not have the capability or processing power to detect, inspect and mitigate attacks sent via HTTPs traffic. SonicWall Capture Labs threat researchers recorded 3.7 million malware attacks sent over TLS/SSL traffic, a 27 percent year-over-year increase that is trending up and expected to climb through the year.
Side-channel attacks are evolving: These vulnerabilities could impact unpatched devices in the future, including everything from security appliances to end-user laptops. Threat actors could potentially issue digital signatures to bypass authentication or digitally sign malicious software. The recent introduction of TPM-FAIL, the next variation of Meltdown/Spectre, Foreshadow, PortSmash, MDS and more, signals criminals’ intent to weaponize this method of attack.
Attacks over non-standard ports cannot be ignored: This year’s research indicated that more than 19 percent of malware attacks leveraged non-standard ports, but found the volume dropping to 15 percent by year’s end with a total of 64 million detected threats. This type of tactic is utilized to deliver payloads undetected against targeted businesses.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

More Than 9.9 billion Malware Attacks Recorded in 2019

Related Articles

Related Products

Report Abusive Comment