The latest Cyber Threat Report from SonicWall shows more than 9.32 billion malware attacks were blocked by the company in the past 12 months – a rise of 18.4% over the previous year. While malware attacks are on the rise, ransomware attacks have fallen from 638 million in 2016 to 184 million in 2017 – a fall of more than 71%.
While ransomware attacks have fallen, the number of ransomware variants in use has more than doubled, increasing by 101.2% over the same period. SonicWall created 2,855 unique ransomware signatures in 2017 to protect its users – considerably more than the 1,419 signatures created the previous year. While overall attacks are down year-over-year, and the massive rise in ransomware attacks that many security companies predicted failed to materialize, the threat is still significant. SonicWall also predicts that there will likely be a rise in ransomware attacks on mobile and IoT devices in 2018.
SonicWall reports that the number of malware samples identified in 2017 was slightly lower than 2016. 56 million unique forms of malware were identified in 2017, down 6.7% from 2016 although the total volume of unique malware samples detected was 51.4% higher than in 2014.
Exploit kit activity may not be at the same level as in the past few years, but the threat still exists. Adobe Flash exploits are now much rarer, with cybercriminals turning to vulnerabilities in other software to exploit to deliver malware and ransomware.
There were more than 12,500 common vulnerabilities and exposures (CVEs) reported between 2016 and 2017, and SonicWall notes that attempts to exploit Microsoft Edge vulnerabilities increased by 13%. AppleTV and Microsoft Office are now in the top ten list of most exploited applications, although attacks against Adobe products – Acrobat, Acrobat DC, Reader DC and Reader – fell year-over-year.
Encrypted traffic now makes up 68% of total traffic and there was a 24% increase in SSL/TLS encrypted traffic in the past year. From an analysis of threats blocked by its platform, SonicWall reports that a typical business will experience around 900 file-based attacks every year which are hidden using SSL/TLS encryption, highlighting the need to implement security solutions that can decrypt encrypted traffic.
“The risks to business, privacy and related data grow by the day — so much so that cybersecurity is outranking some of the more traditional business risks and concerns,” said SonicWall CEO Bill Conner.