Business priorities change as cyber attacks become the number one threat, but how can the threat be overcome?
Research has revealed that cyber-attacks are the number one threat businesses will be faced with in 2018, as the number of malware variants increases.
SonicWall has revealed its ‘Cyber Threat Report’, which recorded an 18.4% year on year increase in the number of malware attacks last year taking the total to 9.32bn.
The research did however demonstrate ransomware attacks have reduced over the last two years, down to 184m from 645m, but the number of new Common Vulnerabilities and Exposures (CVEs) totalled 14,500 increasing by 101.2%. Further research from SonicWall identified that for every 250 unknown hits, one new malware variant was identified. This suggests cybercriminals are finding new ways to target businesses, as common attacks become more well-known and preventable.
Around the world America was found to be the most victimised region, with almost half (46%) of attacks attempted there in 2017. European regions did not fall far behind, with 37% of attacks happening there in 2017.
The research also covered SSL/TLS traffic, which significantly jumped in 2017 by 24% making up 68% of the total traffic. This increase has allowed more opportunities for cybercriminals to hide malicious content in encrypted traffic. In total 60 file-based malware propagation attempts were found per SonicWall firewall each day. Without having SSL decryption technology the number of attacks hidden could be up to 900 per year.
“The risks to business, privacy and related data grow by the day — so much so that cybersecurity is outranking some of the more traditional business risks and concerns,” said SonicWall CEO Bill Conner. “The cyber arms race affects every government, business, organization and individual. It cannot be won by any one of us. Our latest proprietary data and findings show a series of strategic attacks and countermeasures as the cyber arms race continues to escalate. By sharing actionable intelligence, we collectively improve our business and security postures against today’s most malicious threats and criminals.”
Other areas SonicWall covered in the research included the effectiveness of exploit kits. The research revealed that no critical flash vulnerabilities were discovered last year; however threat actors had turned to other ways of attacking devices. Microsoft Edge attacks grew 13% in 2017, from the year previous. Other new targeted applications included Apple TV and Microsoft Office.
The research found one of the worst hitting areas for businesses was the use of ‘malware cocktails’ from attackers. Instead of focusing on one product, hackers leveraged different hacker codes and mixed them together to formulate a new malware product. In 2017 the number of unique malware samples were 51.4% higher than 2014, demonstrating new malware ‘cocktails’ had been developed to target individuals.
With the rise of AI, IoT and other technology such as blockchain it is opening up a new gateway of products for hackers to target. Cybercriminals are advancing as quick, if not quicker, than technology pushing new attack techniques to the emerging technology. These new methods include custom encryption and acting within sandbox environments, to allow the malicious behaviour to remain hidden.
“Sandbox techniques are often ineffective when analyzing the most modern malware,” said SonicWall CTO John Gmuender. “Real-time deep memory inspection is very fast and very precise, and can mitigate sophisticated attacks where the malware’s most protected weaponry is exposed for less than 100 nanoseconds.”
To cope with the rapidly changing techniques, businesses must implement equal amounts of advanced techniques that can help detect and block the malware before it is too late. Government intervention can help override what cybercriminals are attempting to do, by implementing tight law enforcement controls. Co-operation is needed between law enforcement agencies to tackle these threats, which the UK government has already begun doing.
“Joint efforts deliver a hard-hitting impact to cybercriminals and threat actors. Stabilizing the cyber arms race requires the responsible, transparent and agile collaboration between governments, law enforcement and the private sector,” said the Honorable Michael Chertoff, Chairman of the Chertoff Group. “This diligence helps disrupt the development and deployment of advanced exploits and payloads, and also deters future criminals from engaging in malicious activity against well-meaning organizations, governments, businesses and individuals.”