Security Roundup: SonicWall, SolarWinds MSP, ForeScout-Carbon Black
Cybersecurity providers have their work cut out for them as malware and ransomware attacks, encrypted threats and chip-based attacks have all risen dramatically this year.
This week, SonicWall released a midyear update to its 2018 Cyber Threat Report, and the findings are alarming to say the least. Data for the report and update were gathered by the SonicWall Capture Threat Network, which gathers information from global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories; cross‐vector, threat‐related information shared among SonicWall security systems; and SonicWall’s internal malware analysis automation framework.
John Gordineer, SonicWall’s director of product marketing, tells us the data is imperative so organizations have the awareness to eliminate vulnerability gaps, adjust their security posture and deploy automated, real-time breach detection and prevention.
SonicWall’s John Gordineer
“At a very high level, we have seen a dramatic increase in the cyberattack volume this year,” he said. “For example, the average SonicWall customer faced a 102 percent increase in malware attacks. One of the highest-profile subcategories of malware – ransomware – is up 229 percent so far this year. This information can help our partners identify prospects with security products that are inadequate to defend against this new reality. We also found that cryptojacking – botnets that harness unsuspecting victims’ compute power to mine cryptocurrency – is taking off. Partners can have a conversation with customers and prospects on this topic to ensure they are aware and properly defending against this new attack vector.”
The malware boom of 2017 has shown no signs of stopping through the first half of 2018. SonicWall Capture Labs threat researchers recorded almost 6 billion malware attacks during the first two quarters of the year. At this same point in 2017, SonicWall logged fewer than 3 billion.
On a month-to-month basis this year, malware volume remained consistent in the first quarter before dropping to less than 1 billion per month across April, May and June; however, these totals still were more than double that of 2017.
“SonicWall recorded 5.6 million attempts to install malware that mines cryptocurrency in the first six months alone,” Gordineer said.
SonicWall Capture Labs threat researchers found that ransomware attacks dropped significantly – from 645 million to 184 million – between 2016 and 2017; however, attacks surged during the first half of this year, with 181.5 million attacks.
The use of encryption continues to grow for both legitimate traffic and malicious cyberattacks. Last year, SonicWall reported that 68 percent of sessions were encrypted by SSL/TLS standards. Through the first half of 2018, nearly 70 percent of sessions are leveraging encryption.
Cybercriminals are strategically following this trend to help prevent their malicious payloads from being discovered. Encrypted attacks increased 275 percent when compared to this time in 2017, according to SonicWall.
In terms of the threat landscape looking ahead, at the top of the list is a prediction that Meltdown and Spectre will end up being used in exploits this year, Gordineer said.
“These vulnerabilities were leaked late last year and, to date, we haven’t seen any exploits built around them, but we believe there is …
