Malware attacks increased from 7.87 billion in 2016 to 9.32 billion in 2017, while ransomware attacks decreased from 638 million to 184 million, according to SonicWall Cyber Threat Report.
SonicWall, the cybersecurity solutions provider, revealed the findings, intelligence, analysis, and research about annual threats from SonicWall Capture Labs in the report.
Reduction in Ransomware attacks
Despite the major ransomware attacks in 2017 like WannaCry attack that crippled enterprises across 150 countries, the total ransomware attacks in 2017 were 71% less compared to 2016.
However, data from Capture Advanced Threat Protection (ATP) revealed that cybercriminals shifted their focus towards innovation, creating unique variants of attack. Among every 250 ransomware-attacks, there was one never-seen-before variant.
In 2016, there were 1419 ransomware variants, which reached to 2855 in 2017, an increase of 101.2%.
America and Europe were the most victimized regions, receiving 46% and 37% of the ransomware attacks, respectively, in 2017. SonicWall predicted that these attacks might increase further in 2018 against IoT (internet of things) and mobile devices.
Increase in Malware attacks
The malware attacks reached 9.32 billion, increasing by 18.4% from a year before. SonicWall found that attackers were creating ‘malware cocktails’, the approach of leveraging the code of preexisting malware, and mixing them up with minor variants, to trigger a new malware.
The malware writers used modern techniques like custom encryption, mystification and packing, acting benign without sandbox environments, which allowed malware to remain hidden in memory without being detected.
As of unique malware samples, SonicWall collected 56 million of them in 2017, a decline of 6.7% from 2016.
Rise in usage of SSL and TLS encryption
More websites started implementing security protocols like SSL and TLS to encrypt the traffic. The report said that use of HTTPS in place of HTTP sessions increased by 24%, representing 68% of the total traffic in 2017.
However, cybercriminals discovered ways to hide malware in encrypted sessions. If effective security controls like deep packet inspection (DPI) of SSL/TLS traffic are not kept in place, an average organization might see almost 900 attacks every year hidden in the encrypted traffic.
In 2016, Adobe Flash was hit by three major zero-day vulnerabilities, which were further used to cause several attacks. But, the browser vendors dropped the support of Flash, disabled in settings. Hence, no critical Flash vulnerabilities were found in 2017.
Attacks against popular Adobe products decreased, but attackers didn’t stop there. Attacks against Microsoft Edge, Microsoft Office, Apple TV and related apps were up by 4%.
Also read: Slingshot malware attacking router-connected devices since 2012 without detection
SonicWall report also noted that cybercriminals were using new techniques to attack the advanced technologies, like IoT and chip processors. Organizations around the world will soon need to implement modern and advanced technologies to detect and block malware.
Read full report here.
Images source: SonicWall Cyber Threat Report