Advanced Threats: Am I At Risk?


In “The Art of War,” Sun Tzu said, “If you know the enemy and know yourself, you need not fear the result of a hundred battles … if you know neither the enemy nor yourself, you will succumb in every battle.”

While he couldn’t have foreseen the digital salvos of two thousand years hence, his words ring as true for today’s cybersecurity arms race as they did for ancient Chinese military strategy. And now that the COVID-19 pandemic has ushered in a future where everyone is remote, everyone is mobile and everyone is less secure, cybercriminals are redoubling their efforts and specifically targeting remote workers — making it more important than ever to know what you’re up against.

Unfortunately, when it comes to cybercrime, it’s often much harder to know who your enemy is, where they’re located, or what weaponry they’re bringing to bear. Worse, in some cases you may not know until much later that you’ve even been attacked at all. We’ve seen cyberthreats evolve from basic computer viruses to widespread and devastating attacks such as Stuxnet, WannaCry, NotPetya, Spectra and more. But exactly how advanced and prevalent are today’s attacks?

According to the midyear update to the 2020 SonicWall Cyber Threat Report, while the quantity of malware deployed overall is dropping, the malware that is going out is both more advanced and more targeted than ever before. The degree of sophistication displayed in some phishing and social engineering strategies proves that even if you don’t know your adversary, they certainly know you — and if they’re successful in fooling you, their weapons of choice are often capable of completely circumventing legacy cybersecurity solutions.

These sorts of threats will often obfuscate themselves in front of security solutions, only to execute later once in memory — or worse, in the CPU and hardware where you are a tenant, perhaps in a cloud service you use, where the hardware itself executes the code and steals your information.

And if you’re thinking only a handful of cybercriminals have access to this level of sophistication, think again.

So far in 2020, every month has seen a significant year-over-year increase in the number of malware variants found by SonicWall Capture ATP (Advanced Threat Protection) and RTDMI (Real-time Deep Memory Inspection) — combined, they represent a full 62 percent increase over 2019’s first-half totals. In the first six months of 2020, Capture ATP and RTDMI found 315,395 new malware variants, including threats that do not exhibit any malicious behavior and hide their weaponry via encryption.

During this time, there has also been a whopping 176 percent increase in the number of malicious Office files, including some that can evade signature-based anti-malware engines and hinder sandbox debugging and analysis. These files look just like any other file you may receive through the course of your workday, but can lead to data exfiltration, ransomware infections and more.

With the time between an attack’s proof of concept and threat researchers spotting the attack in the wild narrowing to just hours — and with attackers developing ways to create hundreds of variations on an attack faster than they can be identified and patched — it’s tempting to concede defeat.

Fortunately, however, it’s still possible to thwart a majority of cyberthreats, if you deploy the correct countermeasures. Join SonicWall cybersecurity expert Simon Wikberg as he explores today’s biggest threats and why they succeed in our upcoming webinar, “A Step Ahead: Future-proofing Against Tomorrow’s Attacks.”

He’ll tackle the “know yourself” side of the equation by offering ways to determine your risk and profile your existing cybersecurity strategy.

And by sharing data from the SonicWall 2020 Mid-Year Cyber Threat Report, he’ll also help you become better acquainted with your adversaries, by revealing the places cybercriminals are targeting, spotlighting the techniques they’re using, and offering clues as to what they may be doing next.

By learning their tactics, you’ll be better able to create a plan, deploy proper countermeasures, and significantly decrease your risk of compromise in the next hundred battles — and beyond.


Osca St. Marthe
EMEA VP of Pre-Sales and Sales Engineering | SonicWall
Osca St Marthe is EMEA VP of Pre-Sales and Sales Engineering. He is spearheading SonicWall’s technology offering in the EMEA region, and is responsible for building and expanding a technical community of trusted partners and customers. Osca provides SonicWall customers and prospects in EMEA with expert advice, cutting-edge cybersecurity intelligence and solutions that focus on customer value and outcomes.

Osca has been leading high-performing teams for the last 15+ years in Sales Engineering, with a focus on customer outcomes and partner alignment across enterprises and SMBs. Before he came to SonicWall, Osca worked on cybersecurity for the cloud space at McAfee. Osca continues to champion the importance of women in cybersecurity, coach and mentor aspiring graduates in technology, and support a diverse and inclusive workforce.