When evaluating a change in how you secure your network, you need to look beyond the upper-right quadrant. It is easy to run to analyst graphs and pick a few cyber security solutions that etch closest to the top right. But is that the right path of exploration for your organization?
The very latest cyber threat intelligence for May 2018 depicts increases in a number of attack areas, particularly when comparing against 2017 cyber threat data. Through May 2018, the SonicWall Capture Labs threat researches have recorded: Global Cyberattacks — May 2018 2 million malware attacks (64 percent year-over-year increase) 9 million ransomware attacks (78 percent year-over-year increase) 238,828 encrypted threats (142 percent year-over-year increase) Global Cyberattacks — Year to Date 5 billion malware attacks (128 percent increase ) 2 million ransomware attacks (299 percent increase) 2 million encrypted threats (283 percent increase) To put these numbers in a more practical light, it’s helpful to break them down by customer.
You can’t fight what you can’t see. Cliché as it may sound, cybercriminals are using organizations’ lack of network visibility as a cornerstone for their attack strategies. Savvy threat actors are encrypting their malware payloads to cloak attacks and defeat standard security controls. At RSA Conference 2018 in San Francisco, SonicWall president and CEO Bill Conner spoke with TechRepublic about the rapidly changing cyber arms race and the need to properly detect and inspect encrypted traffic, which made up 68 percent of all web traffic in 2017 — a 24 percent year-over-year increase from 2016.
The 2018 SonicWall Cyber Threat Report reported a 71.2 percent decline in the number of ransomware attacks, but a 101.2 percent increase the number of ransomware variants. Let me ask you, is this good news or bad? If this was a military battle, would you celebrate the news the enemy reduced the number of machine guns by nearly three quarters but doubled the number of snipers?
In 2017, SonicWall Capture Labs discovered 56 million new forms of malware from across the globe. Threat actors are constantly creating updates to known versions of malware to get past defenses that rely on identifying malware (i.e., signatures). The forms of security that stop malware and ransomware based on signatures are only effective if they can identify the strain.
To proactively protect networks and data in today’s fast-moving cyber arms race, organizations must be able to collect, analyze and apply threat intelligence to make smart and agile security decisions. For some organizations, this is part of everyday life — even if it’s still increasingly difficult. For others, it’s just not possible based on company size, expertise, budget or any number of challenging factors.
As we know, email is the most popular attack vector used by threat actors to carry out targeted cyber attacks. In fact, more than 90 percent of cyber attacks start with a phishing email campaign. It is the easiest way for a cyber criminal to enter a network and execute tactics to accomplish an objective — be it data exfiltration, delivering a malicious payload or phishing for credentials.
Since the shocking announcement of serious Meltdown and Spectre vulnerabilities in early 2018, we have yet to hear of a mega-breach that would signal the start of another vicious hacking year. Has it been luck? Are our network security defenses stronger? Or are current hacks hiding their efforts? Whatever the situation, the expectations from lessons learned in historical security events are that hacking tools will evolve and new threat vectors will emerge — year after year.
Cyber security professionals exist in an increasingly complex world. As the cyber threat landscape evolves, a new cyber arms race has emerged that places organizations and their security solutions in the crosshairs of a growing global criminal industry. Cyber criminals are increasingly turning to highly effective advanced cyber weapons, such as ransomware, infostealers, IoT exploits and TLS/SSL encrypted attacks, to target organizations of all sizes around the world.
The cyber security industry relies on perpetual cadence of collaboration, research, analysis and review. For SonicWall, that comes via our in-depth cyber threat report. This year, we’re excited to announce that we will publish the 2018 SonicWall Cyber Threat Report on Tuesday, March 6. This premier cyber security industry report puts you a step ahead of cyber criminals in the global cyber war, empowering you with proprietary security data, global knowledge and latest trends, gathered and analyzed by our leading-edge SonicWall Capture Labs Threat Network.