November Cyber Threat Data: Watch out for Encrypted Attacks


We’ve reviewed hard numbers from the SonicWall Capture Labs to provide you with our analysis of for November attack patterns, as well as advice on how to combat the trends we’re seeing in the cybersecurity landscape.

November Attack Data

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data through November 2018:

  • 9.8 billion malware attacks (29 percent increase from 2017)
  • 3.5 trillion intrusion attempts (41 percent increase)
  • 309 million ransomware attacks (119 percent increase)
  • 2.6 million encrypted threats (65 percent increase)

In November 2018 alone, the average SonicWall customer faced:

  • 1,545 malware attacks (48 percent decrease from November 2017)
  • 798,350 intrusion attempts (14 percent increase)
  • 56 ransomware attacks (149 percent increase)
  • 145 encrypted threats (2 percent decrease)
  • 20 phishing attacks each day (93 percent increase)

Ebb & Flow of Malware Volume

Despite nearly two years of dominating cyberattack data and headlines, SonicWall’s threat data for November shows that the number of malware attacks worldwide is on an interesting seasonal decline, particularly given the traditional volume around holiday shopping.

Earlier this year, SonicWall was reporting an average of around 1 billion malware attacks a month. As of November 2018, malware volume was 650 million, 48 percent less than the November 2017 high of 1.2 billion. Malware volume for the year, however, is still up 29 percent year to date.

Ransomware Continues to be a Global Concern

This does not mean that cybercriminals are slowing down. Any slack has been picked up with huge increases in web app attacks and ransomware this year. SonicWall previously covered the holiday-specific ransomware jumps, but the year has also seen some major regional spikes, with a 112 percent year to date increase in the U.S. and a staggering 1,671 percent increase in the Asia Pacific region.

In real numbers, this brings these regions almost level for the year with 124 million attacks in the U.S. compared to 121 million in Asia Pacific.

Encrypted Threats a Serious Risk

Encryption is growing at a steady rate: nearly 73 percent of all web traffic monitored by SonicWall is encrypted. Unfortunately, there is a corresponding increase in the number of threats that hide in encrypted traffic. SonicWall data shows a 65 percent increase in encrypted threats compared to 2017.

Encryption protocols, such as Transport Layer Security (TLS), Secure Sockets Layer (SSL) and Secure Shell (SSH), are used to hide cyberattacks. Many malware detection and intrusion prevention solutions are not built to inspect encrypted traffic.

Even entry-level SonicWall firewalls combat encrypted threats with Deep Packet Inspection of SSL/TLS-encrypted traffic and the latest TZ600P and TZ300P range includes PoE integration to cut down on unnecessary wiring.

SonicWall Capture Security Center

SonicWall cyber threat intelligence is available in the SonicWall Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race.

The resource provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture ensure their networks, data, applications and customers are properly protected.

SonicWall Staff