IoT malware attacks jump during third quarter
October 30, 2019
There has been a dramatic jump in IoT malware, encrypted threats and web app attacks during the third quarter of this year, according to Californian security company SonicWall.
Threat intelligence data from SonicWall’s Capture Labs, reveal 7.2 billion malware attacks were launched in the first three quarters of 2019 as well as 151.9 million ransomware attacks, marking 15% and 5% year-over-year declines, respectively.
IoT malware jumped to 25 million, a 33% increase. Encrypted threats spiked 58% through the first three quarters. Web app attacks are on the rise, showing a 37% increase over the same period last year. Malware volume reached 7.2 billion, a 15% year-over-year drop. And ransomware attacks reached 151.9 million, a 5% year-over-year decrease. Out of the malware attacks, 14% came over non-standard ports,
While attacks may be trending down currently, the reality is the number of attacks is still very high and more nefarious than ever, even evading traditional sandbox technology. The Capture Threat Network has recorded an increase in targeted geographic attacks beyond the USA to include the UK and Germany. Threat researchers are also analysing new and growing attack vectors, such as side-channel attacks and evasion.
“When we observe how ransomware spreads, we also identify that ransomware tactics have changed,” said SonicWall president and CEO Bill Conner. “Historically, the goal for most malware authors was quantity of infections and now we’re seeing attackers focus on fewer higher-value targets where they can spread laterally. This shift in tactics has also seen a corresponding rise in the ransom demands, as attackers attempt to make more money from fewer, but higher value, targets like local municipalities and hospitals.”
Phishing attacks are following suit with ransomware and malware, and are also trending down globally with a year-to-date decrease of 32%, a number that has held steady for most of the year. Similar to ransomware, the attacks are being more targeted towards c-suite executives, HR personnel and IT leaders.
While an average of 14% of malware came across non-standard ports in the three quarters, attacks across the vector have grown in both the second (20%) and third quarters (17%). SonicWall’s non-standard port data are based on a sample size of more than 275 million malware attacks recorded worldwide up to September 2019.
“What the data show is that cyber criminals are becoming more nuanced, more targeted and savvier in their attacks,” said Conner. “Businesses need to align to create stricter security rules within their organisations to reduce the threats that our researchers are identifying. We recommend that companies deploy a unified and layered security approach that provides real-time protection across all networks so they don’t find themselves front page news for a data breach.”
SonicWall Capture Labs threat researchers gather, analyse and vet cross-vector threat information from its Capture Threat network, consisting of global devices and resources, including more than a million security sensors in nearly 215 countries and territories. Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs testing and evaluation on these data, establishes reputation scores for email senders and content, and identifies new threats in real time.
SonicWall has been fighting the cyber-criminal industry for over 28 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from Capture Labs, its real-time breach detection and prevention technology secures more than a million networks, and their emails, applications and data, in over 215 countries and territories.