SonicWall: Malware Attacks Up, Cybercriminals Scrambling to Retool Ransomware

It’s getting a whole lot uglier out there in the world of cybersecurity.

According to SonicWall‘s 2018 Cyber Threat Report, malware attacks totaled more than 9.3 billion in 2017, a year-over-year increase of more than 18 percent. And while ransomware attacks dropped from 638 million to 184 million between 2016 and 2017, ransomware variants increased by more than 101 percent.

And the average organization will see nearly 900 file-based attacks per year hidden by encryption.

SonicWall’s John Gordineer

John Gordineer, SonicWall’s director of product marketing, tells Channel Partners that partners can use the report and corresponding SonicWall Security Center to help them “understand the threat landscape and become go-to experts for their customers.”

“But, these tools also open up business opportunities for partners because they allow them to provide actionable security intelligence to their customers that can help them develop and refine their security policies,” he said. “We design these tools with the express goals of both educating and enabling our channel community.”

According to the report, cyberattacks are becoming the No. 1 risk to businesses, brands, operations and financials. SonicWall identifies nearly 500 new previously unknown malicious files daily.

The decrease in ransomware attacks, even with the headlines made by WannaCry, Petya/NotPetya and Bad Rabbit, was surprising, Gordineer said.

“It appears that bad actors are scrambling to retool their ransomware to be more profitable, since they are catching fewer victims,” he said.

While no single exploit in 2017 rose to the level of darknet hacker tools Angler or Neutrino in 2016, there were plenty of malware writers using one another’s code and mixing them to form new malware, thus putting a strain on signature-only security controls, SonicWall said. The company collected 56 million unique malware samples in 2017, a drop of almost 7 percent from 2016.

Total volume of unique malware samples in 2017 was more than 51 percent higher than 2014.

“I think that there is a lot to be optimistic about in this year’s report — the decline of ransomware attack volume, the increased adoption of HTTPS by websites and the virtual disappearance of Adobe Flash as an attack vector stand out,” Gordineer said. “Also, the enhanced collaboration between government, law enforcement and the private sector is making it more difficult for malicious actors to operate. Our report details that several key arrests led to disruptions in the malware supply chain. Applying continued pressure on these perpetrators will ensure that this positive trend continues in 2018 and beyond.”

Chip processors and the Internet of Things (IoT) are emerging battlegrounds, SonicWall said. Organizations soon will need to implement advanced techniques that can detect and block malware that does not exhibit any malicious behavior and hides its weaponry via custom encryption.

“Stabilizing the cyber arms race requires the responsible, transparent and agile collaboration between governments, law enforcement and the private sector,” said Michael Chertoff, chairman of the Chertoff Group and former U.S. Secretary of Homeland Security. “Like we witnessed in 2017, joint efforts deliver a hard-hitting impact to cybercriminals and threat actors. This diligence helps disrupt the development and deployment of advanced exploits and payloads, and also deters future criminals from engaging in malicious activity against well-meaning organizations, governments, businesses and individuals.”