SonicWall
Newsroom Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape, Amplifying Concerns for Security Professionals

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape, Amplifying Concerns for Security Professionals

  • Global malware volume tops 4 billion, flat through three quarters
  • Malware attempts dipped 8% in U.S., rose 3% in EMEA
  • Despite 31% decline in global ransomware attempts from 2021, volume exceeds full-year totals when compared to four of the last five years (623.3 million)
  • Customers saw an average 1,014 ransomware attempts through three quarters
  • 91% of IT leaders cited financially motivated attacks as biggest concern
  • Capture ATP earns seventh consecutive 100% threat detection score in ICSA Labs Advanced Threat Defense (ATD) Q3 2022 testing

MILPITAS, Calif. — OCT. 25, 2022 — SonicWall, publisher of the world’s most quoted ransomware threat intelligence, today released new threat data through the third quarter of 2022. SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.

“Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”

Ransomware Attacks Shift, Tactics Intensify, Diversify
After a record-breaking 2021, overall ransomware attacks have trended down in the first three quarters of 2022 — especially in the United States (-51%). However, attack locations have continued to shift, as ransomware attempts jumped in the U.K. (20%), EMEA (38%) and APJ (56%) compared to the same time frame last year. Proprietary SonicWall threat intelligence also found that Q3 2022 was the lowest quarterly ransomware volume since Q3 2020. Even in decline, SonicWall recorded 338.4 million ransomware attempts since the beginning of the year.

It is easier than ever to perform ransomware attacks. With Ransomware-as-a-Service (RaaS) offerings, even less technical cybercriminals can purchase ransomware kits on the dark web and target organizations with minimal experience.

Ransomware actors also are diversifying their business models and broadening their networks as demand for their services continues to grow, leading to an explosion in the variety of different tools and resources being offered via illicit marketplaces. According to SonicWall survey data, organizations are concerned with how easily ransomware attacks can be launched and 89% cited concern of financially motivated threats.

“Ransomware has evolved at an alarming rate, particularly in the past five years — not only in volume but in attack vectors,” said SonicWall Emerging Threat Expert Immanuel Chavoya. “The latest Q3 data shows how bad actors are getting smarter in the development of evolutionary strains and more targeted in their assaults.”

Cryptojacking, IoT Malware Volume Continue Upward Trend
Hackers are increasingly targeting financial firms, such as banks and trading houses, with cyberattacks designed to maliciously use computer systems to illegally mine cryptocurrencies. Cryptojacking numbers jumped 35% globally through three quarters, including a 377% spike in EMEA and 160% increase in APJ.

With more smart devices entering the digital space every day there is a growing need for Internet of things (IoT) security. IoT devices have multiple ways to connect to a network, offering multiple attack vectors to exploit. IoT malware climbed 92% globally, with 82% and 200% jumps in APJ and North America, respectively.

“With over 1.4 million endpoints collecting data around the globe, SonicWall has more data to uncover emerging threat trends and provide a true depiction of what is happening in the cyber threat landscape,” said Solutions Granted (SGI) CEO Michael Crean. “They say knowledge is power and SonicWall’s proprietary data helps SGI stay informed, which in turn helps us educate our customer base.  Leveraging SonicWall’s research helps SGI create actionable steps to help us keep our customers safer!”

Machine Learning Uncovering ‘Never-before-seen’ Malware Variants
SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMI) technology identified 373,756 never-before-seen malware variants during the first three quarters of 2022 — a 22% increase year-to-date.

One of these never-before-seen malware variants was Spyder Loader, which was observed targeting government organizations in Hong Kong in October 2022. SonicWall RTDMI proactively detected this malware strain and SonicWall Capture Labs threat researchers were the first to publish their analysis in a March 2021 SonicAlert —  a showcase of RTDMI’s machine learning-powered capabilities.

SonicWall Capture ATP Showcases ‘Perfect Threat Detection’
In October 2022, SonicWall Capture Advanced Threat Protection (ATP) with RTDMI earned its seventh consecutive 100% threat detection score in ICSA Labs Advanced Threat Defense (ATD) testing for Q3 2022, the solution’s 11th consecutive certification. ICSA Labs is an independent third party that tested SonicWall’s solutions using never-before-seen malware samples, many just hours old.

To learn more about SonicWall security efficacy and perfect threat detection scores from Capture ATP, please visit SonicWall.com/ICSA.

About SonicWall Capture Labs
SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

About SonicWall
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on TwitterLinkedInFacebook and Instagram.

Latest Stories

" alt="" />
July 17, 2024

SonicWall Unveils Zero Trust Network Access (ZTNA) Tailored for MSPs, Launches Cloud Secure Edge (CSE) Suited for Any Stage of Cloud Migration

SonicWall Combines Acquired Industry-Leading Security Service Edge (SSE) Solutions with SonicWall’s SME Network Security Experience to Create a Cloud-Delivered ZTNA Solution for MSPs MILPITAS, Calif. — July 18, 2024 — SonicWall announced today the launch of Cloud Secure Edge (CSE), offering an innovative suite of Zero Trust Access offerings designed specifically for MSPs who are meeting customers with increasingly remote work forces on their cloud migration journeys. With flexible, cost-effective solutions for remote access and internet access, CSE empowers organizations to securely connect employees and third-party users to resources from any device and location with unparalleled simplicity and security. Born from years of delivering innovative Security Service Edge (SSE) solutions for mid-enterprise customers, CSE is a unified, cloud-delivered multi-tenant platform for MSPs of all sizes. Customers will be able to choose from a range of Secure Internet Access (SIA) and Secure Private Access (SPA) solutions that replace legacy VPNs with cloud-native solutions that deliver network security at all price points. For organizations that want to combine zero trust with firewall protection, SonicWall is embedding a Private Connector in SonicWall Next-Gen Firewalls (NGFW) to strengthen existing multi-layer security with a zero trust architecture, providing unprecedented ease of deployment while leveraging existing infrastructure. "In today's dynamic threat landscape, where remote work and cloud adoption are accelerating, organizations need a flexible security solution that can seamlessly protect users and data across any network environment,” said SonicWall Executive Vice President of Product Strategy Tarun Desikan. “Banyan was an early innovator and market leader in delivering SSE to enterprises of all sizes. CSE takes that experience and adds SonicWall’s network security knowledge to launch highly flexible and cost-effective solutions - ensuring that any organization can maintain high-performance connectivity while safeguarding against evolving cyber threats. These innovative offerings, designed in consultation with SonicWall MSPs, not only simplify deployment and management but also enhance overall security posture, making them essential and accessible tools for evolving IT environments." While established vendors offer complex SSE solutions geared toward large enterprises, CSE fills the gap experienced by SMEs by providing a straightforward, scalable ZTNA solution ideal for MSPs and their mid-market and SMB customers. CSE adds to our existing remote access solutions enabling SonicWall to help any business no matter what phase they’re at in their transition to the cloud. "When we acquired Banyan in January, we said we would empower partners by delivering a security architecture for any stage of their customers’ evolving cloud journey,” said SonicWall CEO and President Bob VanKirk. “Cloud Secure Edge is the first step of that delivery, with additional MSP-friendly components of the SSE stack to follow. We are redefining SSE for the SME market by combining simplicity and management with robust security, empowering organizations to embrace zero trust principles effortlessly. Our goal is to provide our partners and their customers with confidence that their data and resources are protected, regardless of where their workforce operates." From VPN as a Service (VPNaaS) to ZTNA to SSE, CSE leverages existing network security infrastructure with a cloud-delivered solution that simplifies deployment and management while offering robust security capabilities suitable for organizations of all sizes. Because traditional appliance-based solutions are no longer sufficient in today’s evolving landscape of cloud applications, remote work, and mobile devices, SonicWall has designed a set of offerings that integrate with SonicWall network security solutions to emphasize ease of deployment and management and flexibility to address any cloud migration use case. "We see firsthand the challenges organizations face in securing their increasingly dispersed workforce,” said SonicWall partner and CEO of Black Mountain Rama Polefka. “Cloud Secure Edge addresses these challenges head-on by providing a comprehensive set of solutions that are not only easy to deploy and manage but also deliver robust security capabilities. Whether it’s replacing tradition VPNs, delivering a cost-effective endpoint-based DNS offering or delivering a full ZTNA architecture, this solution allows us to offer our customers who are implementing a hybrid cloud migration a scalable and efficient way to protect their critical assets while ensuring seamless connectivity for their remote workforce." Additional key benefits for MSPs include: Firewall Connector: SonicWall customers can leverage CSE Connector integration within their Next-Generation firewalls (Gen7) starting with SonicOS 7.1.2, enabling ZTNA to their private apps hosted behind the firewall. Seamless Integration: The addition of Cloud Secure Edge is designed to integrate seamlessly with MySonicWall. This ensures a smooth transition for MSPs, allowing them to leverage new capabilities without disrupting their current operations. Simplified Remote Access:CSE Connector integration in SonicOS 7.1.2 allows employees to securely access authorized applications from anywhere, on any single device, without having to deal with repetitive and complex VPN and Access Policy configurations. Monthly Billing: The integration features the addition of CSE to the Service Provider Program to offer no-commitment, in arrears billing which aligns with how MSPs charge their customers – with flexible and cost-effective license tiers. Regional Compliance: The integration features a new CSE data center hosted in Frankfurt, Germany to ease adoption and data residency compliance with frameworks like GDPR. Multi-tenant Management for MSPs: Added multi-tenancy management, designed with MSPs and MSSPs in mind For more information on SonicWall’s Cloud Security Edge please visit https://www.sonicwall.com/products/cloud-secure-edge/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
July 2, 2024

SonicWall Launches EMEA Managed Security Services Backed by a 24×7 European Security Operations Center (SOC)

SonicWall delivers on its promises of more fortification and flexibility for EMEA partners with key Managed Security Services additions – all ahead of strict new EU tech regulations MILPITAS, Calif. — July 3, 2024 — SonicWall announced today that it has rolled out its new Managed Security Services suite for European Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and other partners, all backed by a new locally-based 24x7x365 Security Operations Center (SOC) providing local understanding of regional cyber threats, regulations, and business environments, enhancing threat detection and response capabilities. The announcement reinforces SonicWall’s commitment to its valued partners and extends its portfolio to include EMEA-based Managed Detection and Response (MDR), Security Operations Center services (SOCaaS), and other managed security services that are delivered in partnership with MSPs and MSSPs. “Within the past year, SonicWall made a commitment to its global partners that it would take an endpoint agnostic and flexible tailored to their unique journeys – we delivered that in February,” said SonicWall CEO and President Bob VanKirk. “Building on this commitment, we’re now introducing managed security services, an EMEA-based SOC, and a suite of additional tools and resources essential for our partners’ success. Our establishment of an EMEA-based SOC with European data residency further strengthens our promise to empower partners with local expertise and rapid response capabilities, crucial for effective client protection amidst Europe's ever-evolving cybersecurity landscape. Additionally, we've upheld our pledge to partners by recently launching MDR for Capture Client, Sentinel One, and Microsoft Defender. SonicWall’s European-based SOC is now available, ensuring European partners can offer their customers enterprise-grade SOC monitoring while remaining compliant with European regulations. In many cases, MSPs and other organizations don’t have an in-house SOC team monitoring alerts and managing the performance of security solutions around the clock, meaning there can be delays in taking defensive action at critical times. Alert fatigue can also be a problem as it can be difficult to identify true problems in the noise of false positives. Adding a SOC provides 24x7x365 monitoring, so that alerts are prioritized, and no alert is missed, no matter when it comes in. Sustained EMEA Momentum This announcement comes a week after the conclusion of SonicWall’s EMEA Partner Conference Elevate 2024, held in Lisbon, Portugal. Partners from across Europe joined SonicWall’s leadership for a hands-on understanding of SonicWall’s new Managed Security Services solutions, and for a better understanding on how to grow and diversify their business in an increasingly dynamic threat and business environment. “We listened to our community and delivered solutions that will dramatically impact their businesses, and the feedback we received at Elevate 2024 was overwhelmingly positive,” said SonicWall Chief Strategy Officer Matt Neiderman. “Our commitment to empowering our partners with a platform of modern solutions designed to help them grow their business is evident in both EMEA and around the globe, and we will continue to enhance the solutions and tools they need to sustain this current momentum.” EU’s Strict Regulations The addition of these Managed Security Service solutions comes just ahead of the European Union’s strict new DORA regulations which, from January 17, 2025, will place additional compliance burdens on cybersecurity providers and their customers. Compliance with DORA will involve a rethink of current risk management frameworks and operational resilience assessments including penetration testing, incident response and third-party risks. “The EU is leading the way globally on cyber-resilience to protect its economic interests with DORA,” said SonicWall Vice President of EMEA Spencer Starkey. “SonicWall’s new SOC is physical proof we’re onboard ahead of this important new regulatory reality. We know attackers work internationally and not just nine to five, now our partners can offer ultra-fast, local response capabilities with EU data residency starting today.” The new enterprise-grade SOC is an addition to SonicWall’s existing Managed Extended Detection and Response (MXDR) capabilities announced earlier this year to deliver powerful cybersecurity monitoring and response across the entire attack surface, including firewalls, endpoint protection, antivirus and cloud threat detection for MSPs and MSSPs. “Having a European-based SOC is pivotal for ensuring compliance with stringent regulations like GDPR and DORA,” said long-time SonicWall Partner and CTO at Data-Sec GmbH Moritz Freiherr von Schwerin. “It not only strengthens our ability to protect sensitive data and uphold privacy standards but also enables us to provide localized, agile responses to emerging cybersecurity threats specific to our region. This localization is crucial for maintaining trust and delivering effective security solutions that meet the unique needs of our clients across Europe. SonicWall has enhanced its offerings, both organically and through acquisitions, and they’re focused on supporting us better than ever before.” For more information on SonicWall’s Managed Security Services please visit: https://www.sonicwall.com/products/managed-security-services/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
June 11, 2024

SonicWall Builds off its Partner Strength to Drive New Heights at Elevate 2024

Partners will get exclusive previews of the recently announced SonicPlatform and SonicWall’s newly enhanced solution roadmap from its recent acquisitions MILPITAS, Calif. — June 11, 2024 — SonicWall announced today the return of SonicWall Elevate, its premier partner event where it will detail its recent acquisitions and preview its solution roadmap which is helping organization create defensive measures from cloud to endpoint. This is yet another delivery for SonicWall’s valued partner and customer community – which has generated incredible momentum over the last several quarters. “SonicWall has been actively listening to its partner channel for the last 18 months and Elevate 2024 is another testament to our commitment to provide partners what they need to succeed in 2024 and beyond,” said SonicWall CEO Bob VanKirk. “Our partners are a force multiplier, one of our key differentiators, and we will be sharing an updated roadmap that has been specifically shaped by our partners’ voices. We have added managed security services, cloud-native security and more – all to put our partners in position to take their businesses to new heights.” SonicWall Elevate will involve sharing  key updates on its network security products, threat intelligence, as well as its newly acquired additions which include security service edge (SSE), zero trust network access (ZTNA) and additional managed security services for threat detection and response. With the platform, users get a unified backend for threat visibility and simplified workflows, uniquely positioning SonicWall well with an end-to-end solution. Elevate 2024 is designed to give partners all the tools they need to succeed in the coming year and beyond, including: Exclusive demos of SonicWall’s latest technology, including the new SonicPlatform Information on how to leverage recent acquisitions and how partners can grow and diversify their business to increase revenue Enhance the value of network security solutions and see what’s coming next Everything partners need to know about decreasing alert fatigue and growing opportunities with the 24x7 SOC protection of SonicWall MDR Interactive breakout sessions, complete with workshops and Q&A Opportunities for partners to offer feedback directly to SonicWall executive leadership SonicWall is experiencing consecutive quarters of partner growth, fueled by the explosive expansion in our Service Provider Program, recent program enhancements, and a dedicated focus on channel engagement. Over the last three quarters, SonicWall has seen an increase of transacting partners, including a 4% quarter-over-quarter growth. When and Where Americas June 12-14:Dallas, TX USA Europe, Middle East and Africa June 26-28: Lisbon, Portugal Asia, Pacific and Japan July 10-12: Bali, Indonesia For more information about Elevate 2024 and to register, please visit https://www.sonicwall.com/events/sonicwall-elevate-2024/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
May 2, 2024

SonicWall Data Reveals the Top Five Most Widespread Network Attacks Used Against Small Businesses

The last two years of firewall telemetry data, paints a clear picture of what attacks are most widespread amongst SMBs – demanding the need for prioritization MILPITAS, Calif. — May 2, 2024 — A review of SonicWall telemetry data suggests that the most widespread network attacks to small businesses (SMBs) are older vulnerabilities with a large amount of publicly available information and affecting major vendors. In light of this data, prioritization is a critically important factor for today’s CISOs who are asked to manage and prioritize risk. “In order to properly prioritize threats, we must first understand what attacks, vulnerabilities, and tactics are being used by our enemies,” said SonicWall Executive Director of Threat Research Doug McKee. “Relying too heavily on one factor (e.g., CVSS scores) can lead to an incomplete view of the risk associated with a vulnerability. Consider all factors together to develop a comprehensive understanding of the risk landscape and prioritize vulnerabilities accordingly.” From January 2022 to March 2024, using SonicWall IPS data, SonicWall determined the most widespread attacks against small businesses. Here are the top five ranked: Log4j (CVE-2021-44228) - 43% of organizations were under attack Fortinet SSL VPN Path Traversal (CVE-2018-13379) - 35% of organizations were under attack Heartbleed (CVE-2014-0160) - 35% of organizations were under attack Atlassian Pre-Auth Arbitrary File Read (CVE-2021-26085) - 32% of organizations were under attack VMware SSRF (CVE-2021-21975) - 28% of organizations were under attack The “newest” vulnerability on this list is almost three years old, and the oldest goes back almost a decade.  This suggests the biggest “win” for small businesses is to ensure they have a solid methodology in place for dealing with well-known vulnerabilities, regardless of the age of the threat. “It is still very relevant to spend time and resources tracking down items like heart bleed and log4j, which is arguably more valuable than worrying about the latest AI threat or zero days in Microsoft with no publicly available exploit,” said McKee. Prioritization is Key Prioritization is a critical factor for today’s CISOs who are asked to manage and prioritize risk.  The largest challenge with supply chain issues like Log4j, is understanding simply – is it used and where?  Product security testing or other forms of deep technical analysis of the product used on your network is vital to ensure a business is protected from threats being used by attackers and therefore should take priority in terms of funding. For more information visit www.sonicwall.com. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
Follow Us

© 2024 SonicWall. All Rights Reserved.

Company
Popular resources
Subscribe to newsletter

Stay In Touch

  • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.