New research from SonicWall has revealed that a record high of 10.52bn malware attacks occurred in 2018 indicating an escalation in the volume of cyberattacks as well as new targeted threat tactics used by cybercriminals.
The firm’s 2019 SonicWall Cyber Threat Report provides an in-depth look at threat intelligence obtained from its more than one million sensors around the world.
Following vulnerabilities such as Spoiler, PortSmash, Foreshadow, Meltdown and Spectre that can lead to side-channel attacks, Sonic Wall’s threat researchers have deemed processor vulnerabilities a growing concern for both software and hardware technologies.
The company’s Real-Time Deep Memory Inspection (RTDMI) also identified 74,290 new attack variants in 2019 that are so new, unique and complex that they were without a signature at the time of discovery and included detection of multiple side-channel attacks.
Non-standard ports and trusted files
As network defenses have become more sophisticated, so has the anonymity of attacks that now include the targeting of non-standard ports to ensure payloads are concealed upon delivery. By studying over 700m malware attacks, SonicWall research revealed that 19.2 percent of malware attacks used non-standard ports which represents a year-over-year increase of 8.7 percent.
Organizations of all sizes and across all industries depend on trusted file types such as Microsoft Office files and PDFs. However, now cybercriminals are leveraging these trusted files to circumvent traditional firewalls and single-engine sandboxes to deliver malware.
SonicWall’s multi-engine sandbox service discovered threats in over 47,000 PDFs and almost 51,000 Office files in 2018. This presents a growing problem as most antivirus software cannot identify and mitigate the hidden malware contained in these files.
President and CEO of SonicWall, Bill Conner provided further insight on the report’s findings, saying:
“Cyber perpetrators are not letting up in their relentless pursuit to illegally obtain data, valuable information and intellectual property. We must be unyielding in this cyber arms race. Sharing vital threat information with our customers and partners provides them a tactical advantage. But it’s also important to arm those at the forefront of this battle with this intelligence, promote global awareness of the threat landscape and continue to facilitate important dialogue around today’s most prevalent cyber threats.”