SonicWall
Newsroom SonicWall Threat Data Exposes Depths of Cyberattacks; Propels the Need for Managed Service Providers (MSPs)

SonicWall Threat Data Exposes Depths of Cyberattacks; Propels the Need for Managed Service Providers (MSPs)

  • Overall intrusion attempts climb (+20%), as threat actors diversify tactics – increase in attacks around the globe
  • Ransomware intensifies through the year (+27% in 2H) peaking during the summer months (+37%)
  • Total cryptojacking volume – spikes +659% globally
  • IoT exploit (+15%) and encrypted threats (+117%) also on the rise
  • SonicWall discovered 293,989 ‘never-before-seen’ malware variants – 805 a day

MILPITAS, Calif. — February 21, 2024 — SonicWall today released the 2024 SonicWall Annual Cyber Threat Report, which exposes all types of cyber behaviors and trends from digital adversaries to help partners build data-driven solutions to keep customers safe. 2023 proved to be a year of volatile, adaptive and creative digital threats, as threat actors continue to be relentless in their assault, leaving organizations looking for another layer of defense.

Organizations are increasingly turning to Managed Service Providers (MSPs) to alleviate pressure on IT departments. Managed services have emerged as a game-changing solution, providing organizations with an additional human-layer of defense, addressing alert fatigue, and freeing up valuable resources and time for core business functions.

“The SonicWall 2024 Threat Report reveals that the threat landscape continues to grow in complexity and depth as threat actors adopt new tactics and platforms,” said SonicWall President and CEO Bob VanKirk. “It has become clear that conventional network security isn’t enough. Security professionals need assistance to cope with the overwhelming volume of cyberattacks and protect from the endpoint to the cloud. Especially as the cloud becomes an indispensable reality for businesses, the role of MSPs is shifting from technical maintenance to raising the bar on their cutomers security posture.”

Overall intrusions numbers climbed, totaling almost 1 billion more attempts compared to the same time as last year. Global cryptojacking volume rose 659% and encrypted threat jumped 117%, as threat actors opted for a stealthier, less risky means of malicious activities. The data illustrates the tenacious and evolving state of cyber threats, underscoring the need for businesses to continually adapt their security strategies, and serves as a call for organizations to lean on MSPs to help identify and remediate threats quickly.

Evolved, Diversified Attack Vector

“When it comes to protecting your most valuable assets, organizations must remain alert, and deploy proactive cybersecurity measures, and focus on the threats that actually matter,” said SonicWall Executive Vice President of Managed Security Services Michael Crean. “Today’s organizations demand an integrated approach for end-to-end managed threat protection enabling MSPs to help customers navigate the cybersecurity landscape with confidence and resilience – giving them a distinct competitive edge.”

Cybercriminals and nation states are adapting their abilities to gain access to critical infrastructure, making the threat landscape even more complex and forcing organizations to reconsider their security needs. The second half of the 2023 saw a barrage of ransomware activity (+27%) and a variety of other attacks have trended up globally annually, including IoT exploit (+15%), intrusion attempts (+20%) and encrypted threats (+117%).

“In an era where cyber threats are increasingly sophisticated, MSPs are the frontline defense protecting their customers and helping them spend more of their time managing their business’ needs,” said CTO of Compass MSP and longtime SonicWall partner Alex Tsukanov. “New threats are emerging every day, and MSPs use threat insights to build an actual plan with the necessary capabilities to keep our customers safe, like that found in the SonicWall’s threat report.”

SMB to the Enterprise – The Surge Continues

While ransomware continues to be a threat, SonicWall Capture Labs threat researchers expect a broader set of actions in 2024, specifically targeting SMBs, governments and the enterprise. SonicWall sensors identify and prevent more than 19,000 threats per day.

The 2024 SonicWall Cyber Threat Report provides insight on a range of threats, including:

  • Malware – Total global malware volume rose 11% in 2023, with Latin America and the U.S. logging the biggest jumps – (+30%) and (+15%) respectively. Surprisingly, Europe saw a (-2%) decrease, with the UK seeing the steepest decline of -28%.
  • Ransomware – Overall ransomware numbers saw a -36% decline annually, the summer months and second half of the year suggests a strong rebound, as it spiked +37% during the summer months when compared to the same time last year.
  • IoT Exploit – Global volume rose 15%, as connected devices continue to rapidly multiply, bad actors are targeting weak points of entry as potential attack vectors into organizations.
  • Encrypted Threats – Yet another quieter approach embraced by bad actors in the last year was encrypted threats, which spiked (+117%) globally.

Patented RTDMI Discovered more than 294,000 ‘Never-Before-Seen’ Malware Variants

SonicWall’s patented Real-Time Deep Memory Inspection™ (RTDMI™) technology identified a total of 293,989 never-before-seen malware variants in 2023. The threat landscape remains complex, with almost 800 strains of new variants discovered each day.

To learn more about SonicWall and get the complete 2024 SonicWall Cyber Threat Report, please visit www.sonicwall.com/threatreport.

About SonicWall Capture Labs

SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

About SonicWall

SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Latest Stories

" alt="" />
July 17, 2024

SonicWall Unveils Zero Trust Network Access (ZTNA) Tailored for MSPs, Launches Cloud Secure Edge (CSE) Suited for Any Stage of Cloud Migration

SonicWall Combines Acquired Industry-Leading Security Service Edge (SSE) Solutions with SonicWall’s SME Network Security Experience to Create a Cloud-Delivered ZTNA Solution for MSPs MILPITAS, Calif. — July 18, 2024 — SonicWall announced today the launch of Cloud Secure Edge (CSE), offering an innovative suite of Zero Trust Access offerings designed specifically for MSPs who are meeting customers with increasingly remote work forces on their cloud migration journeys. With flexible, cost-effective solutions for remote access and internet access, CSE empowers organizations to securely connect employees and third-party users to resources from any device and location with unparalleled simplicity and security. Born from years of delivering innovative Security Service Edge (SSE) solutions for mid-enterprise customers, CSE is a unified, cloud-delivered multi-tenant platform for MSPs of all sizes. Customers will be able to choose from a range of Secure Internet Access (SIA) and Secure Private Access (SPA) solutions that replace legacy VPNs with cloud-native solutions that deliver network security at all price points. For organizations that want to combine zero trust with firewall protection, SonicWall is embedding a Private Connector in SonicWall Next-Gen Firewalls (NGFW) to strengthen existing multi-layer security with a zero trust architecture, providing unprecedented ease of deployment while leveraging existing infrastructure. "In today's dynamic threat landscape, where remote work and cloud adoption are accelerating, organizations need a flexible security solution that can seamlessly protect users and data across any network environment,” said SonicWall Executive Vice President of Product Strategy Tarun Desikan. “Banyan was an early innovator and market leader in delivering SSE to enterprises of all sizes. CSE takes that experience and adds SonicWall’s network security knowledge to launch highly flexible and cost-effective solutions - ensuring that any organization can maintain high-performance connectivity while safeguarding against evolving cyber threats. These innovative offerings, designed in consultation with SonicWall MSPs, not only simplify deployment and management but also enhance overall security posture, making them essential and accessible tools for evolving IT environments." While established vendors offer complex SSE solutions geared toward large enterprises, CSE fills the gap experienced by SMEs by providing a straightforward, scalable ZTNA solution ideal for MSPs and their mid-market and SMB customers. CSE adds to our existing remote access solutions enabling SonicWall to help any business no matter what phase they’re at in their transition to the cloud. "When we acquired Banyan in January, we said we would empower partners by delivering a security architecture for any stage of their customers’ evolving cloud journey,” said SonicWall CEO and President Bob VanKirk. “Cloud Secure Edge is the first step of that delivery, with additional MSP-friendly components of the SSE stack to follow. We are redefining SSE for the SME market by combining simplicity and management with robust security, empowering organizations to embrace zero trust principles effortlessly. Our goal is to provide our partners and their customers with confidence that their data and resources are protected, regardless of where their workforce operates." From VPN as a Service (VPNaaS) to ZTNA to SSE, CSE leverages existing network security infrastructure with a cloud-delivered solution that simplifies deployment and management while offering robust security capabilities suitable for organizations of all sizes. Because traditional appliance-based solutions are no longer sufficient in today’s evolving landscape of cloud applications, remote work, and mobile devices, SonicWall has designed a set of offerings that integrate with SonicWall network security solutions to emphasize ease of deployment and management and flexibility to address any cloud migration use case. "We see firsthand the challenges organizations face in securing their increasingly dispersed workforce,” said SonicWall partner and CEO of Black Mountain Rama Polefka. “Cloud Secure Edge addresses these challenges head-on by providing a comprehensive set of solutions that are not only easy to deploy and manage but also deliver robust security capabilities. Whether it’s replacing tradition VPNs, delivering a cost-effective endpoint-based DNS offering or delivering a full ZTNA architecture, this solution allows us to offer our customers who are implementing a hybrid cloud migration a scalable and efficient way to protect their critical assets while ensuring seamless connectivity for their remote workforce." Additional key benefits for MSPs include: Firewall Connector: SonicWall customers can leverage CSE Connector integration within their Next-Generation firewalls (Gen7) starting with SonicOS 7.1.2, enabling ZTNA to their private apps hosted behind the firewall. Seamless Integration: The addition of Cloud Secure Edge is designed to integrate seamlessly with MySonicWall. This ensures a smooth transition for MSPs, allowing them to leverage new capabilities without disrupting their current operations. Simplified Remote Access:CSE Connector integration in SonicOS 7.1.2 allows employees to securely access authorized applications from anywhere, on any single device, without having to deal with repetitive and complex VPN and Access Policy configurations. Monthly Billing: The integration features the addition of CSE to the Service Provider Program to offer no-commitment, in arrears billing which aligns with how MSPs charge their customers – with flexible and cost-effective license tiers. Regional Compliance: The integration features a new CSE data center hosted in Frankfurt, Germany to ease adoption and data residency compliance with frameworks like GDPR. Multi-tenant Management for MSPs: Added multi-tenancy management, designed with MSPs and MSSPs in mind For more information on SonicWall’s Cloud Security Edge please visit https://www.sonicwall.com/products/cloud-secure-edge/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
July 2, 2024

SonicWall Launches EMEA Managed Security Services Backed by a 24×7 European Security Operations Center (SOC)

SonicWall delivers on its promises of more fortification and flexibility for EMEA partners with key Managed Security Services additions – all ahead of strict new EU tech regulations MILPITAS, Calif. — July 3, 2024 — SonicWall announced today that it has rolled out its new Managed Security Services suite for European Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and other partners, all backed by a new locally-based 24x7x365 Security Operations Center (SOC) providing local understanding of regional cyber threats, regulations, and business environments, enhancing threat detection and response capabilities. The announcement reinforces SonicWall’s commitment to its valued partners and extends its portfolio to include EMEA-based Managed Detection and Response (MDR), Security Operations Center services (SOCaaS), and other managed security services that are delivered in partnership with MSPs and MSSPs. “Within the past year, SonicWall made a commitment to its global partners that it would take an endpoint agnostic and flexible tailored to their unique journeys – we delivered that in February,” said SonicWall CEO and President Bob VanKirk. “Building on this commitment, we’re now introducing managed security services, an EMEA-based SOC, and a suite of additional tools and resources essential for our partners’ success. Our establishment of an EMEA-based SOC with European data residency further strengthens our promise to empower partners with local expertise and rapid response capabilities, crucial for effective client protection amidst Europe's ever-evolving cybersecurity landscape. Additionally, we've upheld our pledge to partners by recently launching MDR for Capture Client, Sentinel One, and Microsoft Defender. SonicWall’s European-based SOC is now available, ensuring European partners can offer their customers enterprise-grade SOC monitoring while remaining compliant with European regulations. In many cases, MSPs and other organizations don’t have an in-house SOC team monitoring alerts and managing the performance of security solutions around the clock, meaning there can be delays in taking defensive action at critical times. Alert fatigue can also be a problem as it can be difficult to identify true problems in the noise of false positives. Adding a SOC provides 24x7x365 monitoring, so that alerts are prioritized, and no alert is missed, no matter when it comes in. Sustained EMEA Momentum This announcement comes a week after the conclusion of SonicWall’s EMEA Partner Conference Elevate 2024, held in Lisbon, Portugal. Partners from across Europe joined SonicWall’s leadership for a hands-on understanding of SonicWall’s new Managed Security Services solutions, and for a better understanding on how to grow and diversify their business in an increasingly dynamic threat and business environment. “We listened to our community and delivered solutions that will dramatically impact their businesses, and the feedback we received at Elevate 2024 was overwhelmingly positive,” said SonicWall Chief Strategy Officer Matt Neiderman. “Our commitment to empowering our partners with a platform of modern solutions designed to help them grow their business is evident in both EMEA and around the globe, and we will continue to enhance the solutions and tools they need to sustain this current momentum.” EU’s Strict Regulations The addition of these Managed Security Service solutions comes just ahead of the European Union’s strict new DORA regulations which, from January 17, 2025, will place additional compliance burdens on cybersecurity providers and their customers. Compliance with DORA will involve a rethink of current risk management frameworks and operational resilience assessments including penetration testing, incident response and third-party risks. “The EU is leading the way globally on cyber-resilience to protect its economic interests with DORA,” said SonicWall Vice President of EMEA Spencer Starkey. “SonicWall’s new SOC is physical proof we’re onboard ahead of this important new regulatory reality. We know attackers work internationally and not just nine to five, now our partners can offer ultra-fast, local response capabilities with EU data residency starting today.” The new enterprise-grade SOC is an addition to SonicWall’s existing Managed Extended Detection and Response (MXDR) capabilities announced earlier this year to deliver powerful cybersecurity monitoring and response across the entire attack surface, including firewalls, endpoint protection, antivirus and cloud threat detection for MSPs and MSSPs. “Having a European-based SOC is pivotal for ensuring compliance with stringent regulations like GDPR and DORA,” said long-time SonicWall Partner and CTO at Data-Sec GmbH Moritz Freiherr von Schwerin. “It not only strengthens our ability to protect sensitive data and uphold privacy standards but also enables us to provide localized, agile responses to emerging cybersecurity threats specific to our region. This localization is crucial for maintaining trust and delivering effective security solutions that meet the unique needs of our clients across Europe. SonicWall has enhanced its offerings, both organically and through acquisitions, and they’re focused on supporting us better than ever before.” For more information on SonicWall’s Managed Security Services please visit: https://www.sonicwall.com/products/managed-security-services/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
June 11, 2024

SonicWall Builds off its Partner Strength to Drive New Heights at Elevate 2024

Partners will get exclusive previews of the recently announced SonicPlatform and SonicWall’s newly enhanced solution roadmap from its recent acquisitions MILPITAS, Calif. — June 11, 2024 — SonicWall announced today the return of SonicWall Elevate, its premier partner event where it will detail its recent acquisitions and preview its solution roadmap which is helping organization create defensive measures from cloud to endpoint. This is yet another delivery for SonicWall’s valued partner and customer community – which has generated incredible momentum over the last several quarters. “SonicWall has been actively listening to its partner channel for the last 18 months and Elevate 2024 is another testament to our commitment to provide partners what they need to succeed in 2024 and beyond,” said SonicWall CEO Bob VanKirk. “Our partners are a force multiplier, one of our key differentiators, and we will be sharing an updated roadmap that has been specifically shaped by our partners’ voices. We have added managed security services, cloud-native security and more – all to put our partners in position to take their businesses to new heights.” SonicWall Elevate will involve sharing  key updates on its network security products, threat intelligence, as well as its newly acquired additions which include security service edge (SSE), zero trust network access (ZTNA) and additional managed security services for threat detection and response. With the platform, users get a unified backend for threat visibility and simplified workflows, uniquely positioning SonicWall well with an end-to-end solution. Elevate 2024 is designed to give partners all the tools they need to succeed in the coming year and beyond, including: Exclusive demos of SonicWall’s latest technology, including the new SonicPlatform Information on how to leverage recent acquisitions and how partners can grow and diversify their business to increase revenue Enhance the value of network security solutions and see what’s coming next Everything partners need to know about decreasing alert fatigue and growing opportunities with the 24x7 SOC protection of SonicWall MDR Interactive breakout sessions, complete with workshops and Q&A Opportunities for partners to offer feedback directly to SonicWall executive leadership SonicWall is experiencing consecutive quarters of partner growth, fueled by the explosive expansion in our Service Provider Program, recent program enhancements, and a dedicated focus on channel engagement. Over the last three quarters, SonicWall has seen an increase of transacting partners, including a 4% quarter-over-quarter growth. When and Where Americas June 12-14:Dallas, TX USA Europe, Middle East and Africa June 26-28: Lisbon, Portugal Asia, Pacific and Japan July 10-12: Bali, Indonesia For more information about Elevate 2024 and to register, please visit https://www.sonicwall.com/events/sonicwall-elevate-2024/. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
May 2, 2024

SonicWall Data Reveals the Top Five Most Widespread Network Attacks Used Against Small Businesses

The last two years of firewall telemetry data, paints a clear picture of what attacks are most widespread amongst SMBs – demanding the need for prioritization MILPITAS, Calif. — May 2, 2024 — A review of SonicWall telemetry data suggests that the most widespread network attacks to small businesses (SMBs) are older vulnerabilities with a large amount of publicly available information and affecting major vendors. In light of this data, prioritization is a critically important factor for today’s CISOs who are asked to manage and prioritize risk. “In order to properly prioritize threats, we must first understand what attacks, vulnerabilities, and tactics are being used by our enemies,” said SonicWall Executive Director of Threat Research Doug McKee. “Relying too heavily on one factor (e.g., CVSS scores) can lead to an incomplete view of the risk associated with a vulnerability. Consider all factors together to develop a comprehensive understanding of the risk landscape and prioritize vulnerabilities accordingly.” From January 2022 to March 2024, using SonicWall IPS data, SonicWall determined the most widespread attacks against small businesses. Here are the top five ranked: Log4j (CVE-2021-44228) - 43% of organizations were under attack Fortinet SSL VPN Path Traversal (CVE-2018-13379) - 35% of organizations were under attack Heartbleed (CVE-2014-0160) - 35% of organizations were under attack Atlassian Pre-Auth Arbitrary File Read (CVE-2021-26085) - 32% of organizations were under attack VMware SSRF (CVE-2021-21975) - 28% of organizations were under attack The “newest” vulnerability on this list is almost three years old, and the oldest goes back almost a decade.  This suggests the biggest “win” for small businesses is to ensure they have a solid methodology in place for dealing with well-known vulnerabilities, regardless of the age of the threat. “It is still very relevant to spend time and resources tracking down items like heart bleed and log4j, which is arguably more valuable than worrying about the latest AI threat or zero days in Microsoft with no publicly available exploit,” said McKee. Prioritization is Key Prioritization is a critical factor for today’s CISOs who are asked to manage and prioritize risk.  The largest challenge with supply chain issues like Log4j, is understanding simply – is it used and where?  Product security testing or other forms of deep technical analysis of the product used on your network is vital to ensure a business is protected from threats being used by attackers and therefore should take priority in terms of funding. For more information visit www.sonicwall.com. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
Follow Us

© 2024 SonicWall. All Rights Reserved.

Company
Popular resources
Subscribe to newsletter

Stay In Touch

  • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.