Malware Declines, but Ransomware Soars
-
Malware Declines, but Ransomware Soars
While security professionals succeeded in crippling malware last year, ransomware surged by a factor of 167, to reach a shocking 638 million attacks in 2016. -
Point-of-Sale Malware Attacks Decline
POS malware attacks declined by 93% from 2014 to 2016. The number of new POS malware variants decreased by 88%, thanks to chip-based POS systems and the Payment Card Industry Data Security Standard. -
SSL/TSL Encryption Helped
Secure Sockets Layer/Transport Layer Security encrypted traffic grew 38%. 5.3 trillion web connections in 2015 grew to 7.3 trillion in 2016. 62% of web connections were SSL/TLS-encrypted. -
Dominant Exploit Kits Disappear
In early 2016, the malware market was dominated by Angular, Nuclear and Neutrino, but they later disappeared. The remaining exploit kits fragmented into smaller versions to fill the void. By Q3 2016, there were three versions of Rig. -
Exploit Kits Are Part of Ransomware Delivery
Variants of Cerber, Locky, CrypMic, BandarChor and TeslaCrypt have become primary workloads. -
There's a Huge Surge in Ransomware
Ransomware grew by a factor of 167 since 2015, from 3.8 million to 638 million attacks. Locky was deployed in 90% of Nemucod attacks. -
Ransomware Hit All Industries
Ransomware spared no industries. Mechanical and industrial engineering received 15% of average ransomware hits, pharmaceuticals and financial services got 13%, and real estate got 12%. -
IoT Compromised on Massive Scale
Cyber-criminals launched the largest DDoS attacks in history using the Mirai botnet. Most of the attacks took place in the United States (70%), Brazil (14%) and India (10%). -
Android Benefited Only Temporarily
Google patched vulnerabilities, but attackers used new techniques to beat them by coaxing Android users into providing permissions that allowed overlays to be used. -
Cyber-Criminals Victimized App Store Users
Ransomware and self-installing apps plagued third-party app stores. 4,000 distinct apps with self-installing payloads appeared within two weeks.
Last year, both good guys and bad guys achieved gains: Security professionals successfully fought off malware, but cyber-criminals benefited from an explosion in ransomware, according to the "2017 SonicWall Annual Threat Report." Ending a trend, the volume of unique malware samples fell to 60 million from 64 million in 2015, a 6.2% decrease, and the total number of malware attack attempts dropped for the first time in years to 7.9 billion from 8.2 billion in 2015. But Ransomware-as-a-Service enabled the 3.8 million ransomware attacks in 2015 to grow to what the report called "an astounding" 638 million attacks in 2016. The reasons include easier access to the underground market, the low cost of conducting a ransomware attack, the ease of distribution, and the low risk of getting caught or punished. "It would be inaccurate to say the threat landscape either diminished or expanded in 2016—rather, it appears to have evolved and shifted," said Bill Conner, president and CEO of SonicWall. "Cyber-security is not a battle of attrition; it's an arms race, and both sides are proving exceptionally capable and innovative." The report draws on data collected throughout 2016 by the SonicWall Global Response Intelligence Defense (GRID) Threat Network, which receives daily feeds from 1 million security sensors in 200 countries and territories. Following are highlights from the report.