2018 SonicWall Cyber Threat Report: Actionable Intelligence for the Cyber Arms Race

Make no mistake, we are in a global cyber arms race. But it can’t be won alone: we are in this together.

That is why SonicWall is passing along findings, intelligence, analysis and research from our SonicWall Capture Labs to you today in our 2018 SonicWall Cyber Threat Report. By sharing actionable intelligence, we can help level the playing field against today’s most malicious cyber criminals.

Together, we face many battlefronts: some subsiding, some ongoing, others still on the horizon. Our latest Cyber Threat Report shows us where we — and our common cyber enemies — have advanced. Plus, it offers strategic insight on how, together, we can keep the upper hand.

Security Industry Advances

Ransomware attacks are down
The Cyber Threat Report looks at why expectations of increased numbers of ransomware attacks never materialized in 2017, even with WannaCry, NotPetya and Bad Rabbit stealing the headlines. At the same time, however, data from our cloud-based, multi-engine Capture Advanced Threat Protection (ATP) sandbox noted a spike in unique ransomware variants. While the volume was lower, the attacks were more targeted, unique and difficult to stop.

SSL, TLS encryption are up
The report documents a rapid increase of HTTPS in comparison to unencrypted HTTP sessions, which is critical for the security of cloud environments/applications and websites. However, this shift has given more opportunity for cyber criminals to hide malicious payloads in encrypted sessions. Unfortunately, while effective protection exists using deep packet inspection (DPI), there is still a widespread fear of complexity and lack of awareness around the need to inspect SSL and TLS sessions to stop hidden cyber attacks.

Exploit kits are shifting targets
Since browser vendors have largely phased out Adobe Flash, new Flash Player exploits have dropped off. But the Cyber Threat Report reveals some unexpected applications that are taking its place. Organizations should continually redefine and broaden the scope of applications and related files that could present a risk. In analyzing application volume, machine-learning technology can help protect against newer attack vectors.

Law enforcement disrupting cyber crime
Arrests of key malware and exploit kit authors are making a significant dent in the scale, volume and success of cyber attacks. In response, cyber criminals are being more careful with how they conduct business. Our latest report considers shifting trends in payment methods — particularly bitcoin — as well as other forces driving shifting trends in ransomware.

Cyber Criminal Advances

Ransomware variants increase
Despite a plunge in ransomware payouts, and a significant drop in total volume of ransomware attacks year over year, SonicWall Capture Labs identified a new malware variant for every 250 unknown hits. These new variants proved to be fairly effective when utilized. The Cyber Threat Report examines whether 2017 was an outlier, or if 2018 will signify a true shift in the threat landscape.

Encryption hiding cyber attacks
While encrypting traffic is a necessary practice, it can also cloak illegal or malicious traffic. For the first time ever, the 2018 SonicWall Cyber Threat Report offers real-world data from SonicWall Capture Labs that unmasks the volume of malware and other exploits hidden in encrypted sessions. These Capture Labs findings are our first empirical data available on SSL- and TLS-based attacks.

Malware cocktails shaking things up
Cyber criminals are creating “malware cocktails” that mainly rely on preexisting code with a few minor variants. These can spread quickly and more dangerously, while avoiding detection. While no single exploit rose to the level of Angler or Neutrino in 2016, there were plenty of malware writers leveraging one another’s code and mixing them to form new malware, thus putting a strain on signature-only security controls. The Cyber Threat Report looks at trending exploit kits and how they have repurposed old code for new gains.

IoT, chips processors are emerging battlegrounds
Cyber criminals are pushing new attack techniques into advanced technology spaces, notably the Internet of Things (IoT) and chip processors. These potential vectors for cyber attack are grossly overlooked and unsecured.

The Cyber Threat Report explains how modern malware writers implement advanced techniques, including custom encryption, obfuscation and packing, as well as acting benign within sandbox environments, to allow malicious behavior to remain hidden in memory. These techniques often hide the most sophisticated weaponry, which is only exposed when run dynamically. In most cases, they’re impossible to analyze in real time using static detection techniques.

Inside the SonicWall Cyber Threat Report

You’ll find more detail on these advances by the security industry and cyber criminals in the latest 2018 SonicWall Cyber Threat Report. The report empowers you and your team with:

  • Proprietary empirical data that you will get nowhere else to help you confidently understand key cyber threat trends
  • Detailed predictions on trending threats and security solutions to help you plan and budget resources
  • Expert best practices and valuable resources to help successfully guide you forward

    Get the 2018 SonicWall Cyber Threat Report

    The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

     

Bill Conner on Twitter
Bill Conner
President and CEO of SonicWall | SonicWall
Bill Conner is among the most experienced security, data and infrastructure executives worldwide, with a career spanning over 30 years across numerous high-tech industries. A corporate turn-around expert, today he is the President and CEO of SonicWall, one of the world’s most trusted network security companies, acquired as a carve out from Dell by Francisco Partners and Elliott Management in November of 2016. SonicWall next-generation firewalls and network security solutions protect more than 1 million networks worldwide, for more than 500,000 organizations in more than 150 countries. In the less than one year under Conner’s leadership, SonicWall surpassed the ambitious financial and operational metrics set across the business, delivering record partner registrations (over 15,000 partners / 4,000 net new), strong pipeline growth (over $250M in new partner deal registrations), key service improvements (80% reduction in wait times), the release of a new global marketing campaign, and record new product releases.
1 reply

Trackbacks & Pingbacks

  1. […] 2018 SonicWall Cyber Threat Report: Actionable Intelligence for the Cyber Arms Race […]

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply