Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
NewsSonicWALL
Home›News›SONICWALL’S MID-YEAR CYBER THREAT REPORT FINDS MALICIOUS MICROSOFT OFFICE FILES ON RISE, RANSOMWARE UP IN US, GLOBALLY

SONICWALL’S MID-YEAR CYBER THREAT REPORT FINDS MALICIOUS MICROSOFT OFFICE FILES ON RISE, RANSOMWARE UP IN US, GLOBALLY

By admin
23/07/2020
1122
0
Share:
SonicWall Logo
  • 20% jump in ransomware globally, 109% spike in United States
  • 24% drop in malware attacks worldwide
  • 7% of phishing attacks capitalized on COVID-19 pandemic
  • 176% increase in malicious Microsoft Office file types
  • 23% of malware attacks leveraged non-standards ports
  • 50% rise of IoT malware attacks
  • Report analyzes threat intelligence data gathered from 1.1 million sensors in over 215 countries and territories

MILPITAS, Calif. — July 23, 2020 —The SonicWall Capture Labs threat research team today published the mid-year update to the 2020 SonicWall Cyber Threat Report, highlighting increases in ransomware, opportunistic use of COVID-19 pandemic, systemic weaknesses and growing reliance on Microsoft Office files by cybercriminals.

“Cybercriminals can be resourceful, often setting traps to take advantage of people’s kindness during a natural disaster, panic throughout a crisis and trust in systems used in everyday life,” said SonicWall President and CEO Bill Conner. “This latest cyber threat data shows that cybercriminals continue to morph their tactics to sway the odds in their favor during uncertain times. With everyone more remote and mobile than ever before, businesses are highly exposed and the cybercriminal industry is very aware of that. It’s imperative that organizations move away from makeshift or traditional security strategies and realize this new business normal is no longer new.”

Changing Landscape Leads to Waning Malware Volume
During the first half of 2020, global malware attacks fell from 4.8 billion to 3.2 billion (-24%) over 2019’s mid-year total. This drop is the continuation of a downward trend that began last November.

There are regional differences in both the amount of malware and the percentage change year over year, highlighting shifting cybercriminal focus. For example, the United States (-24%), United Kingdom (-27%), Germany (-60%) and India (-64%) all experienced reduced malware volume. Less malware doesn’t necessarily mean a safer world; ransomware has seen a corresponding jump over the same time period.

Ransomware Attackers Raise Stakes Again
Despite the global decline of malware volume, ransomware continues to be the most concerning threat to corporations and the preferred tool for cybercriminals, increasing a staggering 20% (121.4 million) globally in the first half of 2020.

“Remote and mobile workforces are at a turning point on the subject of security,” said Chad Sweet, Founder and CEO The Chertoff Group. “It has never been more prevalent for enterprises and organizations to prioritize online security and make what used to be a luxury, a secured and protected necessity.”

Comparatively, the U.S. and U.K. are facing different odds. SonicWall Capture Labs threat researchers logged 79.9 million ransomware attacks (+109%) in the U.S. and 5.9 million ransomware attacks (-6%) in the U.K. — trends that continue to ebb and flow based on the behaviors of agile cybercriminal networks.

Malware-laden COVID-19 Emails
The combination of the global pandemic and social-engineered cyberattacks has proven to be an effective mix for cybercriminals utilizing phishing and other email scams. Dating as far back as Feb. 4, SonicWall researchers detected a flurry of increased attacks, scams and exploits specifically based around COVID-19 and noted a 7% increase in COVID-related phishing attempts during the first two quarters.

As expected, COVID-19 phishing began rising in March, and saw its most significant peaks on March 24, April 3 and June 19. This contrasts with phishing as a whole, which started strong in January and was down slightly globally (-15%) by the time the pandemic phishing attempts began to pick up steam.

Office Lures Remain a Staple
Microsoft Office is a necessity with millions of employees now more remote and dependent on the business productivity suite of applications. Cybercriminals were quick to leverage this shift, as SonicWall threat researchers found a 176% increase in new malware attacks disguised as trusted Microsoft Office file types.

Leveraging SonicWall Capture Advanced Threat Protection (ATP) with Real-Time Deep Memory Inspection™ (RTDMI) technology, SonicWall discovered that 22% of Microsoft Office files and 11% of PDF files made up 33% of all newly identified malware in 2020. The patent-pending RTDMI™ technology identified a record 120,910 ‘never-before-seen’ malware variants during that time — a 63% increase over the first six months of 2019. 

“Cybercriminals are too sophisticated to use known malware variants, so they’re re-imagining and re-writing malware to defeat security controls like traditional sandboxing techniques — and it’s working,” said Conner.

What are the Riskiest U.S. States for Malware?
With over 1.1 million sensors worldwide collecting threat intelligence around the clock, SonicWall’s new ‘malware spread’ data highlights the riskiest U.S. states for malware attacks.

In the U.S., California, home to Silicon Valley, ranked the highest for total malware volume in 2020. However, it was not the riskiest state — or even in the top half of those ranked. Organizations in Kansas are more likely to experience a malware encounter, as nearly a third (31.3%) of sensors in the state detected a hit.

In contrast, just over a fifth of the sensors in North Dakota (21.9%) logged an attempted malware attack. The top five riskiest U.S. states, based on malware spread, are Kansas (31.3%), Montana (29.0%), Rhode Island (28.3%), Iowa (28.1% and Hawaii (27.7%).

This method of tracking malware spread is conducted by calculating the percentage of sensors that detected a malware attack, resulting in more useful and precise information about whether an organization is likely to see malware in an area. The greater the malware spread percentage, the more widespread malware is in a given region.

Attacks Using Non-standard Ports Make Comeback
Overall, an average of 23% of attacks took place over non-standard ports so far in 2020 — the highest mark since SonicWall began tracking the attack vector in 2018.

By sending malware across non-standard ports, assailants can bypass traditional firewall technologies, ensuring increased success for payloads. A ‘non-standard’ port is leveraged by services running on a port other than its default assignment (e.g., Ports 80 and 443 are standard ports for web traffic).

Two new monthly records were set during the first two quarters of 2020. In February, non-standard port attacks reached 26% before climbing to an unprecedented 30% in May. During that month, there was a surge in many specific attacks, such as VBA Trojan Downloader, that may have contributed to the spike.

IoT Continues to Serve Threats
Work-from-home (WFH) employees or remote workforces can introduce many new risks, including Internet of Things (IoT) devices like refrigerators, baby cameras, doorbells or gaming consoles. IT departments are besieged with countless devices swarming networks and endpoints as the footprint of their corporate expands beyond the traditional perimeter.

Researchers at SonicWall found a 50% increase in IoT malware attacks, a number that mirrors the number of additional devices that are connected online as individuals and enterprise alike function from home. Unchecked IoT devices can provide cybercriminals an open door into what may otherwise be a well-secured organization.

To download the full mid-year update, please visit www.sonicwall.com/ThreatReport.

Previous Article

Fortinet Customers Use FortiCloud’s SaaS Offerings to ...

Next Article

Sophos Advisory – Following re-categorization of DiskCryptor ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • NewsTrendMicro

    Trend Micro Boosts Channel Leadership with Expanded and Enhanced Partner Program for Asia Pacific, Middle East, and Africa

    17/02/2020
    By admin
  • WatchGuard logo
    NewsWatchGuard

    WatchGuard Delivers Industry’s First Pay-as-You-Go Option for Network Security Hardware and Services

    14/01/2020
    By admin
  • SonicWall Capture Advanced Threat Protection Service
    News

    SonicWall Releases Capture Advanced Threat Protection Service

    27/07/2016
    By admin
  • NewsSophos

    Reducing TCO: How a three-person security team saved hundreds of hours every month

    31/07/2020
    By admin
  • Cisco Meraki
    News

    CISCO MERAKI – A NEW MX LINEUP FOR THE MODERN BRANCH

    28/08/2018
    By admin
  • NewsSophos

    Sophos Mobile 9.5 and Intercept X for Mobile have launched!

    14/01/2020
    By admin

  • Sophos Logo
    Alerts & BugsSophos

    Advisory: Sophos Central Maintenance scheduled for Saturday, June 19th, 2021

  • SonicWall Wins 7 New Awards
    NewsSonicWALL

    SonicWALL latest awards

  • Sophos Logo
    FirmwareSoftware UpdatesSophos

    Sophos: SFOS 17.5 MR11 Released

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home