Posts

2019 SonicWall Cyber Threat Report: Unmasking Threats That Target Enterprises, Governments & SMBs

/0 Comments/in /by

The launch of the annual SonicWall Cyber Threat Report always reminds us why we’re in this business.

Our engineers and threat researchers dedicate months to the project in order to shed light on how people, businesses and organizations online are affected by cybercrime.

What they found is telling. Across the board, cyberattacks are up. Criminals aren’t relenting. Hackers and nefarious groups are pushing attacks to greater levels of volume and sophistication. And the 2019 SonicWall Cyber Threat Report outlines how they’re doing it and at what scale.

To understand the fast-changing cyber arms race, download the complimentary 2019 SonicWall Cyber Threat Report. The unification, analysis and visualization of cyber threats will empower you and your organization to fight back with more authority, determination and veracity than ever before. So, let’s take a look at what’s included.

Malware Volume Still Climbing

In 2016, the industry witnessed a decline in malware volume. Since then, malware attacks have increased 33.4 percent. Globally, SonicWall recorded 10.52 billion malware attacks in 2018 — the most ever logged by the company.

UK, India Harden Against Ransomware

SonicWall Capture Lab threat researchers found that ransomware was up in just about every geographic region but two: the U.K. and India. The report outlines where ransomware volume shifted, and which regions were impacted most by the change.

Dangerous Memory Threats, Side-Channel Attacks Identified Early

The report explores how SonicWall Real-Time Deep Memory InspectionTM (RTDMI) mitigates dangerous side-channel attacks utilizing patent-pending technology. Side-channels are the fundamental vehicle used to exploit and exfiltrate data from processor vulnerabilities, such as Foreshadow, PortSmash, Meltdown, Spectre and Spoiler.

Malicious PDFs & Office Files Beating Legacy Security Controls

Cybercriminals are weaponizing PDFs and Office documents to help malware circumvent traditional firewalls and even some modern day network defenses. SonicWall reports how this change is affecting traditional malware delivery.

Attacks Against Non-Standard Ports

Ports 80 and 443 are standard ports for web traffic, so they are where many firewalls focus their protection. In response, cybercriminals are targeting a range of non-standard ports to ensure their payloads can be deployed undetected in a target environment. The problem? Organizations aren’t safeguarding this vector, leaving attacks unchecked.

IoT Attacks Escalating

There’s a deluge of Internet of Things (IOT) devices rushed to market without proper security controls. In fact, SonicWall found a 217.5 percent year-over-year increase in the number of IoT attacks.

Encrypted Attacks Growing Steady

The growth in encrypted traffic is coinciding with more attacks being cloaked by TLS/SSL encryption. More than 2.8 million attacks were encrypted in 2018, a 27 percent increase over 2017.

The Rise & Fall of Cryptojacking

In 2018, cryptojacking diminished nearly as fast is it appeared. SonicWall recorded tens of millions of cryptojacking attacks globally between April and December. The volume peaked in September, but has been on a steady decline since. Was cryptojacking a fad or is more on the way?

Global Phishing Volume Down, Attacks More Targeted

As businesses get better at blocking email attacks and ensuring employees can spot and delete suspicious emails, attackers are shifting tactics. They’re reducing overall attack volume and launching more targeted phishing campaigns. In 2018, SonicWall recorded 26 million phishing attacks worldwide, a 4.1 percent drop from 2017.

2018 Holiday Cyber Threat Data: Final Analysis Shows Big Ransomware Spikes in US, UK

/2 Comments/in /by

It’s no secret that consumers flock to online retailers during the holiday shopping season between Thanksgiving and the New Year.

Last month, SonicWall provided deep cyber threat data for the nine-day window that included Black Friday and Cyber Monday in the U.S. Over this specific period, SonicWall Capture Labs threat researchers found that SonicWall customers faced 91 million malware attacks (34 percent decrease over 2017) and 889,933 ransomware attacks (432 percent increase over 2017).

But cyberattacks are hardly static. And they definitely don’t cease once Cyber Monday comes and goes. For this reason, SonicWall collected and analyzed threat data from the full December holiday shopping season to complement its Cyber Week threat analysis.

In the U.S., ransomware and phishing volume more than doubled compared to 2017, while malware was slightly down. In December alone, SonicWall Capture Labs threat researchers recorded:

  • 2.7 million ransomware attacks (up 177 percent)
  • 276.4 million malware attacks (down 27 percent from 2017)
  • 797,607 phishing attacks (up 116 percent)

In the U.K., ransomware spiked four-fold while malware and phishing attacks were relatively flat. For December, SonicWall Capture Labs logged:

  • 527,734 ransomware attacks (up 432 percent)
  • 52.1 million malware attacks (down 2 percent from 2017
  • 30,740 phishing attacks (no increase over 2017)

SonicWall will soon publish additional global December cyber threat data across all attack types, including encrypted threats, intrusion attempts and web application attacks.

Real-Time Threat Intelligence with SonicWall Capture Security Center

SonicWall cyber threat intelligence is available in the SonicWall Capture Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins.

The SonicWall Capture Security Center provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture ensure their networks, data, applications and customers are properly protected.

Exclusive Video: SonicWall CEO Bill Conner & CTO John Gmuender

SonicWall President and CEO Bill Conner and CTO John Gmuender walk you through the current cyber threat landscape, explore the importance of automated real-time breach detection and prevention, and address how to mitigate today’s most modern cyberattacks.

How MSSPs & Artificial Intelligence Can Mitigate Zero-Day Threats

/0 Comments/in /by

So, here’s the problem: unknown zero-day threats are just that — unknown. You have no way (besides historical experience) to predict the next vulnerability avenue that will be exploited. You, therefore, don’t know what will need patching or what extra security layer needs injecting. This ultimately leads to a forecast-costing dilemma as you cannot predict the man hours involved.

The other quandary faced when tackling complex targeted zero days is the skills gap. Staffing a security operations center (SOC) with highly skilled cybersecurity professionals comes at a cost and only becomes profitable with economies of scale that a large customer base brings.

Coupled with the shortage of skilled cybersecurity professionals in the open market, how can you get your SOC off the ground? Could artificial intelligence (AI) level the playing field?

Machine Learning Reality Check

Machine learning and behavioral analytics continue to grow and become synonymous with zero-day threat protection. Is this all hype or is it the new reality? The truth is, it is both.

There is a lot of hype, but for good reason: AI works. Big data is needed to see the behaviors and therein the anomalies or outright nefarious activities that human oversight would mostly fail to catch. Delivered as a layered security approach, AI is the only way to truly protect against modern cyber warfare, but not all AI is deterministic and herein lies the hidden cost to your bottom line.

AI-based analysis tools that provide forensics are very powerful, but the horse has bolted by the time they are used. This approach is akin to intrusion detection systems (IDS) versus intrusion prevention systems (IPS). The former are great for retrospective audits, but what is the cleanup cost? This usage of behavioral analysis AI solely for detection is not MSSP-friendly. What you need is automated, real-time breach detection and prevention. Prevention is key.

So, how do you create an effective prevention technology? You need security layers that filter the malware noise, so each can be more efficient at its detection and prevention function than the last. That means signature-based solutions are still necessary. In fact, they are as important as ever as one of the first layers of defense in your arsenal (content filtering comes in at the top spot).

By SonicWall metrics, the ever-growing bombardment of attacks the average network faces stands at 1,200-plus per day (check out the mid-year update to the 2018 SonicWall Cyber Threat Report for more details).

When you do the math, it’s easy to see that with millions of active firewalls, it’s not practical to perform deep analysis on every payload. For the best results, you must efficiently fingerprint and filter everything that has gone before.

Aren’t All Sandboxes Basically the Same?

Only by understanding the behavior of the application and watching what it’s attempting to do, can you uncover malicious intent and criminal action. The best environment to do this is a sandbox, but no SOC manpower in the world could accomplish this with humans at scale. In order to be effective, you must turn to AI.

AI understands the big data coming from behavioral analysis. It can adapt the discovery approach to uncover threats that try to hide and, once determined as malicious, can fingerprint the payload via signature, turning a zero day into a known threat. It is the speed of propagation of this new, known signature to the protection appliances participating in the mesh protection network that drives the efficiencies to discover more threats.

Also, it’s the size of the mesh network catchment area that allows you the largest overall service area of attaches, which helps your AI quickly learn from the largest sample data set.

Luckily, SonicWall has you covered on all these fronts. With more than 1 million sensors deployed across 215 territories and countries, SonicWall has one of the largest global footprint of active firewalls. Plus, the cloud-based, multi-engine SonicWall Capture Advanced Threat Protection (ATP) sandbox service discovers and stops unknown, zero-day attacks, such as ransomware, at the gateway with automated remediation.

Our recent introduction of the patent-pending Real-Time Deep Memory Inspection (RTDMITM) technology, which inspects memory in real time, can detect and prevent chip vulnerability attaches such as Spectre, Meltdown and Foreshadow. It’s included with every Capture ATP activation.

At SonicWall, the mantra of automated, real-time breach detection and prevention is fundamental to our security portfolio. It is how our partners drive predictable operational expenditures in the most challenging security environments. Only via connected solutions, utilizing shared intelligence, can you protect against all cyber threat vectors.

A version of this story originally appeared on MSSP Alert and was republished with permission.

How Everyone Can Implement SSL Decryption & Inspection

/0 Comments/in /by

Since 2011, when Google announced it was switching to Hypertext Transfer Protocol Secure (HTTPS) by default, there has been a rapid increase in Secure Sockets Layer (SSL) sessions.

Initially, SSL sessions were reserved for only important traffic, where personal, financial or sensitive data was transferred. Now, it seems we can’t receive news or perform a simple search without an encrypted session.

In 2014 and 2015, SSL sessions accounted for about 52 percent of internet traffic. As cloud adoption grew, so did the SSL sessions. By 2017, SSL accounted for 68 percent of all internet traffic. Currently, SonicWall has seen encrypted traffic at almost 70 percent of the total traffic on the internet.

Secure sessions demonstrate that internet users are understanding and embracing session security and privacy. Unfortunately, as SSL sessions have increased, so have encrypted attacks. So far in 2018, SonicWall has seen a 275 percent increase of encrypted attacks since 2017. You find more numbers in the mid-year update of the 2018 SonicWall Cyber Threat Report.

What is DPI-SSL?

The modern cyber threat landscape requires a defense-in-depth posture, which includes SSL decryption capabilities to help organizations proactively use deep packet inspection of SSL (DPI-SSL) to block encrypted attacks.

However, even firewall vendors that claim to offer SSL decryption and inspection may not have the processing power to handle the volume of SSL traffic moving across a network today.

DPI-SSL extends SonicWall’s Deep Packet Inspection technology to inspect encrypted HTTPS and SSL/TLS traffic. The traffic is decrypted transparently, scanned for threats, re-encrypted and sent along to its destination if no threats or vulnerabilities are found.

Available on all SonicWall next-generation firewalls (Generation 6 or newer), DPI-SSL technology provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

It is important to have a secure and simple setup that minimizes configuration overhead and complexity. There are two primary paths for implementing DPI-SSL.

Option 1: Remote Implementation

Enabling DPI-SSL can sometimes be complex. Diverse sites and programs use certificates differently, some of which may be affected by DPI-SSL capabilities.

To confirm you have DPI-SSL implemented properly, leverage the SonicWall DPI-SSL Remote Implementation Service to ensure seamless and effective implementation of SonicWall DPI-SSL services.

The Remote Implementation Service for SonicWall DPI-SSL deploys and integrates the product into your environment within 10 business days. This service is delivered by Advanced Services Partners who have completed training and demonstrated expertise in DPI-SSL implementation and configuration.

Option 2: Leverage Easy-to-Use Guidance

For those considering in-house implementation, SonicWall also provides a number of knowledge base (KB) articles and resources that walk you through the DPI-SSL implementation process. Some of the most popular include:

These KBs, and others found within SonicWall’s support section or through the DPI-SSL Remote Implementation Service, ensure every type of user or organization has the resources  to properly activate DPI-SSL within their infrastructure to mitigate encrypted cyberattacks.

For additional guidance, watch “Initial DPI-SSL Configuration,” a popular SonicWall Firewall Series Tutorial.

DPI-SSL Adoption

Thankfully, SonicWall is witnessing gradual adoption of DPI-SSL add-on services. To best protect your environment, pair DPI-SSL capabilities with the Capture Advanced Threat Protection (ATP) cloud sandbox, Gateway Antivirus, Content Filtering and Intrusion Protection Services (IPS). All available in the SonicWall Advanced Gateway Security Suite, which delivers everything you need to protect your network from advanced cyberattacks.

Combine these services with a trusted and secure end-point protection software, such as SonicWall Capture Client, and you can provide a robust security posture that can protect devices — even when they are not behind your firewall.

July 2018 Cyber Threat Intelligence: Malware, Ransomware Attack Volume Still Climbing

/0 Comments/in /by

Just a month removed from the mid-year update to the 2018 SonicWall Cyber Threat Report, the cyber threat landscape continues its volatile pace.

Analyzing the team’s most recent data, SonicWall Capture Labs threat researchers are recording year-to-date increases for global malware, ransomware, TLS/SSL encrypted attacks and intrusion attempts.

In addition, the SonicWall Capture Advanced Threat Protection sandbox, with Real-Time Deep Memory Inspection (RTDMITM), discovered an average of 1,413 new malware variants per day in July.

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data through July 2018:

  • 6,904,296,364 malware attacks (88 percent increase from 2017)
  • 2,216,944,063,598 intrusion attempts (59 percent increase)
  • 215,722,623 ransomware attacks (187 percent increase)
  • 1,730,987 encrypted threats (80 percent increase)

In July 2018 alone, the average SonicWall customer faced:

  • 2,164 malware attacks (28 percent increase from July 2017)
  • 81 ransomware attacks (43 percent increase)
  • 143 encrypted threats
  • 13 phishing attacks each day
  • 1,413 new malware variants discovered by Capture ATP with RTDMI each day

The SonicWall Capture Security Center displays a 70 percent year-over-year increase in ransomware attacks.

SonicWall cyber threat intelligence is available in the SonicWall Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race.

The resource provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture ensure their networks, data, applications and customers are properly protected.

 

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.

GET THE UPDATE

Ransomware Surges, Encrypted Threats Reach Record Highs in First Half of 2018

/0 Comments/in /by

To ensure organizations are aware of the latest cybercriminal attack behavior, today SonicWall published a mid-year update to the 2018 SonicWall Cyber Threat Report.

“The cyber arms race is moving faster than ever with bigger consequences for enterprises, government agencies, educational and financial institutions, and organizations in targeted verticals,” said SonicWall CEO Bill Conner in the official announcement.

Cyber threat intelligence is a key weapon in organizations’ fight against criminal organizations within the fast-moving cyber arms race. The mid-year update outlines key cyberattack trends and real-world threat data, including:

Data for the annual SonicWall Cyber Threat Report is gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories.

“SonicWall has been using machine learning to collect, analyze and leverage cyber threat data since the ‘90s,” said Conner. “This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time bread detection and prevention to our global partners and customers.”

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.

GET THE UPDATE

SonicWall Wins 7 New Awards, Bringing 2018 Total to Over 30

/0 Comments/in /by

SonicWall is proud to announce it has garnered seven awards, including three from the Network Products Guide IT World Awards, two from the Globee Awards, and one each from the PR World Awards and the CEO World Awards.

With these seven new accolades, SonicWall has earned more than 30 awards so far in 2018.

First from the Network Products Guide IT World Awards is a gold award in the ‘Firewalls’ category for the SonicWall NSA 2650 firewall. The SonicWall NSa 2650 is a next-generation firewall that delivers high-speed threat prevention over thousands of encrypted and unencrypted connections to mid-sized organizations and distributed enterprises.


SonicWall also won silver in the ‘Managed Security Services’ category for the SonicWall Global Cloud Management System, or Cloud GMS. Cloud GMS is a web-based management and reporting application that provides centralized management and high-performance reporting for the SonicWall family of firewalls.


Rounding out the three from Network Products Guide, SonicWall earned silver in the ‘Email, Security and Management’ category for SonicWall Email Security 9.1. SonicWall Email Security is a multi-layer solution dedicated to combating emerging threats. It protects organizations from outside attacks with effective virus, zombie, phishing and spam blockers, leveraging multiple threat-detection techniques.


In addition to the awards from Network Products Guide, SonicWall also garnered a silver award in the ‘PR Achievement of the Year’ category from the PR World Awards for the launch of the 2018 SonicWall Cyber Threat Report. The annual report is the go-to source for cyber threat intelligence, industry analysis and cyber security guidance for the global cyber arms race.

The launch of the 2018 SonicWall Cyber Threat Report also took home gold in the ‘Public Relations Achievement of the Year’ from the Globee Awards. The team also earned a silver in the Globee Awards in the ‘Product Management/Development Team of the Year’ for the team led by SonicWall COO Atul Dhablania.

Finally, SonicWall CEO Bill Conner won silver in the ‘CEO Excellence of the Year’ award for organizations with 500-2,499 employees.

RSA Conference 2018: SonicWall is Hot

/0 Comments/in /by

Fresh off of April’s massive SonicWall Capture Cloud Platform launch, SonicWall has been featured in a pair of CRN articles highlighting the hottest products at RSA Conference 2018.

The SonicWall Capture Cloud Platform is lauded in CRN’s “10 Hot New Cloud Security Products Announced at RSA 2018” listing. CRN recaps the platform’s ability to integrate security, management, analytics and real-time threat intelligence across SonicWall’s portfolio of network, email, mobile and cloud security products.

Complementing that accolade, a pair of new SonicWall products were listed in the “20 Hot New Security Products Announced at RSA 2018” category. The new SonicWall NSv virtual firewall (slide 7) and SonicWall Capture Client (slide 12) endpoint protection were showcased.

SonicWall Capture Client is a unified endpoint offering with multiple protection capabilities. With a next-generation malware protection engine powered by SentinelOne, Capture Client delivers advanced threat protection techniques, such as machine learning and system rollback.

SonicWall’s Scott Grebe explains automated, real-time breach detection and prevention during RSA Conference 2018

SonicWall Network Security virtual (NSv) firewalls protect all critical components of your private/public cloud environment from resource misuse attacks, cross virtual machine attacks, side channel attacks and common network-based exploits and threats. It captures traffic between virtual machines (VM) and networks for automated breach prevention and establishes access control measures for data confidentiality and ensures VMs safety and integrity.

Cyber Threat Map: SonicWall Security Center Delivers Real-Time Cyber Attack Data

/0 Comments/in /by

Cyber security professionals exist in an increasingly complex world. As the cyber threat landscape evolves, a new cyber arms race has emerged that places organizations and their security solutions in the crosshairs of a growing global criminal industry.

Cyber criminals are increasingly turning to highly effective advanced cyber weapons, such as ransomware, infostealers, IoT exploits and TLS/SSL encrypted attacks, to target organizations of all sizes around the world.

To help organizations protect their networks and sensitive data from advanced cyber attacks, SonicWall developed a next-generation Automated Real-Time Breach Detection and Prevention Platform. Over a decade ago, SonicWall Capture Labs threat researchers pioneered the use of machine learning for threat research and cyber protection.

Complementing the platform, SonicWall is unlocking the power of the SonicWall Capture Labs Threat Network data for our customers, partners and the greater industry via the modern SonicWall Security Center.

What is the SonicWall Security Center?

The SonicWall Security Center provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race. Even more important is the actionable data found on the Capture Labs Threat Metrics pages.

Sonicwall Security Center Worldwide Attacks

On these interactive pages, cyber threat meters show telemetry data that empower you to take action to better protect your organization. For example, the dashboard below shows that worldwide malware attack attempts are up 139 percent in February 2018 over February 2017.

Sonicwall Security Center Worldwide Attacks

In this example, SonicWall Security Center threat metrics state that the number of malware attacks increased from 0.42 billion to 1.0 billion, and that the attacks are largely coming from IP addresses in the United States, followed by China. The Security Center includes regional drilldowns for North America, Europe and Asia to give deeper insight for organizations around the globe.

This level of detail is available not only for malware attacks, but also for intrusion attempts, ransomware, encrypted traffic, https encrypted malware, new threats discovered by Capture Advanced Threat Protection and spam/phishing activity.

With this tool, we aim to provide actionable cyber threat intelligence to help you identify the types of attacks you need to be concerned about so you can design and test your security posture to make sure that your organization is properly protected.

Cyber security news, trends and analysis

The final section on the SonicWall Security Center is Security News. On this page, the Capture Labs team publishes research and analysis on the latest security threats, attacks, vulnerabilities and more — as it’s happening. When the next big cyber attack occurs, this will be the go-to source for information not only for the SonicWall community, but for the greater cyber security industry as well.

Sonicwall Security Center Worldwide Attacks

SonicWall threat intelligence and cyber attack data

SonicWall uses deep-learning algorithms to analyze data, classify attacks and block known malware before it can infect a network. Unknown files are sent to Capture Advanced Threat Protection service for automated analysis using a variety of techniques, including hypervisor analysis, emulation, virtualization and our patent-pending Real-Time Deep Memory Inspection.TM

The information we obtain on unknown threats is then combined with the billions of telemetry data points that Capture Labs gathers from the million-plus firewalls, email security appliances and endpoint clients used by our customers.

 

Get the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

Get the Report

Sneak Peek: 2018 SonicWall Cyber Threat Report

/0 Comments/in /by

The cyber security industry relies on perpetual cadence of collaboration, research, analysis and review.

For SonicWall, that comes via our in-depth cyber threat report. This year, we’re excited to announce that we will publish the 2018 SonicWall Cyber Threat Report on Tuesday, March 6.

This premier cyber security industry report puts you a step ahead of cyber criminals in the global cyber war, empowering you with proprietary security data, global knowledge and latest trends, gathered and analyzed by our leading-edge SonicWall Capture Labs Threat Network.

Reimagined and refreshed, the 2018 SonicWall Cyber Threat Report is more comprehensive, informative and actionable than ever before with:

  • A comprehensive comparison of security industry advances versus cybercriminal advances year-over-year, to help you know where you stand
  • Proprietary empirical data that you will get nowhere else, to help you confidently understand key threat trends
  • Detailed predictions on trending threats and security solutions, to help you plan and budget resources
  • Expert best practices and valuable resources, to help successfully guide you forward

Here is a sneak preview

The modern cyber war — against governments, businesses and users alike — is comprised of a series of attacks, counterattacks and respective defensive countermeasures. Many are simple and effective. Others are targeted and complex. Yet they are all highly dynamic and require persistence, commitment and resources to mitigate.

Unfortunately, organizations large and small are caught in the middle of a global cyber arms race with vastly different resources at their disposal. And while growing budgets do make a positive impact on the effectiveness against known exploits, the threat landscape evolves at such a rate that yesterday’s investment in technology could already be insufficient to deal with tomorrow’s cyber threats.

No one has immunity.

Headline breaches

2017 was another record year for data breaches. The 2018 SonicWall Cyber Threat Report breaks these down by the numbers.

Ransomware

With WannaCry, Petya and Bad Rabbit all becoming headline news, ransomware was a hot topic for the second year in a row. The 2018 SonicWall Cyber Threat Report reveals a key indicator of how attack strategies are shifting.

Memory attacks

While the Meltdown and Spectre vulnerabilities were first publicly known in early 2018, the processor vulnerabilities were actually exposed last year. In fact, Intel notified Chinese technology companies of the vulnerability before alerting the U.S. government.

Threat actors and cybercriminals are already leveraging memory as an attack vector. Since these memory-based attacks are using proprietary encryption methods that can’t be decrypted, organizations must quickly detect, capture and track these attacks once they’re exposed in memory — usually in under 100 nanoseconds. Chip-based attacks will be at the forefront of the cyber arms race for some time to come.

IoT

The Internet of Things (IoT) also had a big year. The 2018 SonicWall Cyber Threat Report examines last year’s trends to predict what will be in the crosshairs next.

Business risk

Data breaches and cyber attacks are no longer back-of-mind concerns. The 2018 SonicWall Cyber Threat Report explains why they are the No. 1 risk to business, brand, operations and financials.

The battle within encrypted traffic

For the first time ever, the 2018 SonicWall Cyber Threat Report will provide key empirical data on the volume of attacks leveraging SSL/TLS encryption.

Want the report first?

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

GET IT FIRST

About the SonicWall Capture Labs Threat Network

Data for the 2018 SonicWall Annual Threat Report was gathered by the SonicWall Capture Labs Threat Network, which sources information from global devices and resources including:

  • More than 1 million security sensors in more than 150 countries and territories
  • Cross‐vector, threat‐related information shared among SonicWall security systems, including firewalls, email security, endpoint security, honeypots, content-filtering systems and the SonicWall Capture Advanced Threat Protection multi‐engine sandbox
  • SonicWall internal malware analysis automation framework
  • Malware and IP reputation data from tens of thousands of firewalls and email security devices around the globe
  • Shared threat intelligence from more than 50 industry collaboration groups and research organizations
  • Intelligence from freelance security researchers

The full 2018 SonicWall Cyber Threat Report will feature detailed threat findings, best practices, predictions and more, to help you stay a step ahead in the global cyber war.