Share this article on:
The Sonicwall 2019 Mid-Year Cyber Threat Report provides insights into the main threats faced by businesses and is based on data from over 200 countries and more than 1 million security sensors around the globe.
The report shows there has been a 20% drop in malware attacks in the first half of 2019. While malware attacks have dropped overall, Sonicwall’s report shows an escalation in the use of open source malware kits. The first half of 2019 saw 74,360 never-before-seen malware variants.
Ransomware attacks are now being reported at a higher rate and this is reflected in the report. Sonicwall’s figures show there has been a 15% increase in ransomware attacks and an escalation in the use of ransomware-as-a-service.
Malware and ransomware can be installed using a variety of methods, although email continues to be the attack vector of choice for many threat actors. Email-based malware attacks most commonly use Office files and PDF files that contain code that downloads a malicious payload. Between February and March 2019, 51% of never-before-seen attacks came from PDF attachments and 47% used Office files.
Non-standard ports for web traffic are often used to silently deliver malware. Sonicwall’s report shows 210 million malware attacks occurred between January 1, 2019 and June 30, 2019. In May 2019, Sonicwall Capture Labs saw the highest ever spike in malware/ransomware attacks across non-standard ports.
The rise in the value of Bitcoin and Monero have fueled an increase in cryptojacking attacks, which are up 9% in the first 6 months of 2019. The main threat in the first 6 months of 2019 was Coinhive. Even though Coinhive is no longer active, many websites have not been cleaned which accounts for the high detection rate.
The biggest increases were IoT malware attacks, which were up 55% from this time last year, and encrypted threats, which have increased by 76%. IoT devices are proving popular, yet these devices introduce new risks and many businesses are failing to secure their IoT devices. They are being used by cybercriminals as an easy way to gain access to business networks and disperse malware payloads.
“Organizations continue to struggle to track the evolving patterns of cyberattacks — the shift to malware cocktails and evolving threat vectors — which makes it extremely difficult for them to defend themselves,” said SonicWall President and CEO Bill Conner.