There has been a year-over-year decline in malware and ransomware attacks according to a new report from SonicWall, but Quarter 3, 2019 has seen a marked increase in IoT malware, web app attacks, and encrypted threats.
The year to date has seen 7.2 billion malware attacks and 151.9 million ransomware attacks, which represent a 15% and 5% decline from the same period last year. While the downward trend is certainly good news, attacks are still occurring at a very high level and the threats are increasingly sophisticated and are much better at evading sandbox technology.
The new data from SonicWall Capture Labs shows there has been a marked increase in IoT malware, with 25 million samples detected in the first 3 quarters of 2019, up 33% from last year. There has been a 58% increase in encrypted threats in the first 9 months of 2019 compared to the same period last year and a 37% increase in web app attacks. There has also been an increase in the use of new attack vectors, such as side-channel attacks and evasion. The majority of attacks are still being conducted in the United States, but targeted geographic attacks have increased with Germany and the United Kingdom recording an increase in attacks.
The number of ransomware attacks on businesses may be falling, but this reflects changing tactics. Large scale spamming campaigns are being changed for much more targeted attacks on high profile targets. Attackers are carefully selecting their targets, exploiting vulnerabilities to gain access to a server, and are then moving laterally. This allows the attackers to inflict maximum damage and issue much larger ransomware demands. Enterprises, municipalities, and hospitals are often targeted.
SonicWall notes that there has been a fall in the number of phishing attacks, which are down 32% on this time last year. Phishing attacks are also becoming more targeted, with the attackers concentrating on C-suite executives, IT leaders, and the HR department.
“What the data shows is that cybercriminals are becoming more nuanced, more targeted and savvier in their attacks,” said SonicWall President and CEO Bill Conner. “We recommend that companies deploy a unified and layered security approach that provides real-time protection across all networks so that they don’t find themselves front page news for a data breach.”