Malware-based Attacks Dropped 20% Worldwide

Meanwhile, criminals waged more encrypted, ransomware, and IoT attacks.

More signs that cybercriminals and nation-state hackers now operate as stealthily as possible to accomplish their missions: so far in 2019, malware and phishing are down and encrypted attacks are up.

Specifically, malware attacks decreased by 20% with 4.78 billion of them, phishing attacks, by 18% with 8.3 million, and encrypted attacks jumped 76% at 2.4 million, according to new data to be released today by SonicWall, which gathered attack data from its security sensors sitting in more than 200 countries. Ransomware, meanwhile, is still hot thanks to the broad availability of ransomware-as-a-service offerings, rising 15% worldwide, and up a whopping 195% in the UK.

Much of the malware decline has to do with the popularity of so-called file-less attacks and attackers using legitimate Windows and security tools to drill down deeper into their victim’s network. Some regions had very different stats, a study found: the US experienced the most dramatic drop in malware attacks – 17% – while Switzerland was hit with a 72% jump in malware attacks.

They’re also abusing encrypted channels such as HTTPS and SSL-based VPN channels to camouflage their traffic and malicious code. SonicWall has seen some 1,100 encrypted attack attempts per day per customer. Many organizations mistakenly assume encrypted traffic is legit traffic.

The attackers are able to place malware in a file and “come through that Web channel and via that VPN,”. “They either go to the HTTPS site or right to the end user’s desktop.”

Encryption abuse long has been a worry for organizations unsure how to efficiently monitor encrypted traffic. Gartner previously estimated that half of cyber attacks using malware in 2019 would employ some type of encryption, and 70% will do so by 2020. Meanwhile, many security tools cannot detect malware hidden in SSL.