New Cyber Threat Intelligence Shows Growing Malware Volume, Encrypted Attacks


The latest cyberattack data from SonicWall shows increases across the board for global malware, ransomware, TLS/SSL encrypted attacks and intrusion attempts.

Highlighting these new findings, the SonicWall Capture Advanced Threat Protection sandbox, with Real-Time Deep Memory Inspection (RTDMITM), discovered 1,099 new malware variants each day in April.

This cyber threat intelligence, which is available in the SonicWall Security Center, maps the behavior of cybercriminals and the tactics they employ to breach the networks of businesses and organizations across the world.

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data:

  • 4,050,797,027 malware attacks (152 percent increase from 2017)
  • 1,233,667,979,688 intrusion attempts (67 percent increase)
  • 132,266,265 ransomware attacks (426 percent increase)
  • 914,975 instances of malware using SSL/TLS encryption (351 percent increase)

Breaking this down to the customer level, in April 2018 alone, the average SonicWall customer faced:

  • 2,254 malware attacks (95 percent increase from April 2017)
  • 78 ransomware attacks (343 percent increase)
  • 73 encrypted threats
  • 10 phishing attacks each day

1,099 new malware variants discovered by Capture ATP each day

Stop cyberattacks in memory

Included with Capture ATP, SonicWall’s patent-pending RTDMI technology catches more malware than behavior-based sandboxing methods, with a lower false positive rate. In 2018, RTDMI has discovered more than 5,000 never-before-seen malware variants — attacks likely missed by competing signature-based offerings.

First announced in February 2018, RTDMI technology is used by the SonicWall Capture Cloud Platform to identify and mitigate even the most insidious cyber threats, including memory-based attacks. RTDMI proactively detects and blocks unknown mass-market malware — including malicious PDFs and attacks leveraging Microsoft Office documents — via deep memory inspection in real time.

The 2018 SonicWall Cyber Threat Report advises that cybercriminals will continue to leverage users’ trust in PDFs and Microsoft Office applications (which represented five of the top 10 attacked applications of 2017). Because of obfuscation techniques, many legacy firewalls and anti-virus solutions are unable to effectively identify and mitigate PDFs or Microsoft Office file types that contain malicious content.


SonicWall Staff