• Malware, ransomware attack volume down 6% and 9%, due to more targeted attacks
  • Connected-device dependence leads to 5% increase in IoT attacks, over 34 million exposed
  • Over 40 million web app attacks detected, 52% year-over-year increase
  • Encrypted threats up 27%, almost 4 million identified

MILPITAS, Calif. — February 4, 2020 — SonicWall, the trusted security partner protecting more than 1 million networks worldwide, today announced its annual threat report findings, which highlight the evasive tactics cybercriminals leverage to target businesses and consumers.

“Cybercriminals are honing their ability to design, author and deploy stealth-like attacks with increasing precision, while growing their capabilities to evade detection by sandbox technology,” said SonicWall President and CEO Bill Conner. “Now more than ever, it’s imperative that organizations detect and respond quickly, or run the risk of having to negotiate what’s being held at ransom from criminals so embolden they’re now negotiating the terms.”

Rapid response has proven to be invaluable when stopping the damage caused by cyber threats to systems, hardware, daily operations and brand reputation. The SonicWall Capture Advanced Threat Protection (ATP) cloud sandbox service discovered nearly 440,000 malware variants in 2019 (1,200 per day), with findings reported to malware repositories two days ahead of public submissions.

With its patent-pending Real-Time Deep Memory Inspection™ technology, SonicWall identified more than 153,000 never-before-seen malware variants — attacks that traditional sandboxes are subject to miss. SonicWall immediately deploys new malware signatures across all active customer solutions, instantly shielding them from attacks.

The 2020 SonicWall Cyber Threat Report provides in-depth information and analysis of the cyber threat landscape. Major findings of the report include:

  • Cybercriminals change approach to malware: ‘Spray-and-pray’ tactics that once had malware attack numbers soaring have since been abandoned for more targeted and evasive methods aimed at weaker victims. SonicWall recorded 9.9 billion malware attacks, a 6% year-over-year decrease.
  • Targeted ransomware attacks cripple victims: While total ransomware volume (187.9 million) dipped 9% for the year, highly targeted attacks left many state, provincial and local governments paralyzed and took down email communications, websites, telephone lines and even dispatch services.
  • The Internet of Things (IoT) is a treasure trove for cybercriminals: Bad actors continue to deploy ransomware on ordinary devices, such as smart TVs, electric scooters and smart speakers, to daily necessities like toothbrushes, refrigerators and doorbells. SonicWall Capture Labs threat researchers discovered a moderate 5% increase in IoT malware, with a total volume of 34.3 million attacks in 2019.
  • Cryptojacking continues to crumble: The volatile shifts and swings of the cryptocurrency market had a direct impact on threat actors’ interest to author cryptojacking malware. The dissolution of Coinhive in March 2019 played a major role in the threat vector’s decline, plunging the volume of cryptojacking hits to 78% in the second half of the year.
  • Fileless malware targets Microsoft Office/Office 365, PDF documents: Cybercriminals used new code obfuscation, sandbox detection and bypass techniques, resulting in a multitude of variants and the development of newer and more sophisticated exploit kits using fileless attacks instead of traditional payloads to a disk. While malware decreased 6% globally, SonicWall observed that most new threats masked their exploits within today’s most trusted files. In fact, Office (20.3%) and PDFs (17.4%) represent 38% of new threats detected by Capture ATP.
  • Encrypted threats are still everywhere: Cybercriminals have become reliant upon encrypted threats that evade traditional security control standards, such as firewall appliances that do not have the capability or processing power to detect, inspect and mitigate attacks sent via HTTPs traffic. SonicWall Capture Labs threat researchers recorded 3.7 million malware attacks sent over TLS/SSL traffic, a 27% year-over-year increase that is trending up and expected to climb through the year.
  • Side-channel attacks are evolving: These vulnerabilities could impact unpatched devices in the future, including everything from security appliances to end-user laptops. Threat actors could potentially issue digital signatures to bypass authentication or digitally sign malicious software. The recent introduction of TPM-FAIL, the next variation of Meltdown/Spectre, Foreshadow, PortSmash, MDS and more, signals criminals’ intent to weaponize this method of attack.
  • Attacks over non-standard ports cannot be ignored: This year’s research indicated that more than 19% of malware attacks leveraged non-standard ports, but found the volume dropping to 15% by year’s end with a total of 64 million detected threats. This type of tactic is utilized to deliver payloads undetected against targeted businesses.

The 2020 SonicWall Cyber Threat Report is the result of threat intelligence collected over the course of 2019 by over 1.1 million sensors strategically placed in over 215 countries and territories. SonicWall Capture Labs threat researchers collected and analyzed over 140,000 daily malware samples, blocked over 20 million daily malware attacks and recorded 9.9 billion malware attacks. SonicWall Capture Labs spotlights attack trends to help organizations and users stay ahead of cyber threats as attackers become more targeted and move into business-critical systems.

To download the complete report, please visit www.sonicwall.com/ThreatReport. For current cyberattack data, visit the SonicWall Security Center to see the latest attack trends, types and volume across the world.

SonicWall will be showcasing its latest security solutions at RSA 2020 in San Francisco, Booth 5559, Moscone Center, North Expo Hall.

About SonicWall

SonicWall has been fighting the cybercriminal industry for over 28 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Latest Stories

" alt="" />
November 6, 2024

SonicWall Unveils TZ80: Empowering Service Providers to Deliver Comprehensive Security, Remote Access and Networking Solutions for Branch Offices and SOHO

More Than a Firewall: SonicWall Introduces Integrated Cybersecurity Platform with the TZ80 at the Core of the Market’s Next-Gen SOHO Solution, Featuring: Industry-First Warranties, Cloud Native VPN, Firewall Management and Flexible Pricing MILPITAS, Calif. — November 7, 2024 — SonicWall announced today the launch of the TZ80, a groundbreaking security solution designed specifically for branch offices and small office/home office (SOHO) environments. With its comprehensive, cost-effective package of networking, access, and security solutions, the TZ80 is a subscription-based device designed for service providers and value-added resellers (VARs) – and is set to revolutionize the way they deliver cybersecurity. The SonicWall TZ80 combines performance and price and provides industry leading networking and security capabilities, with advanced threat protection at a low total cost of ownership (TCO), making the TZ80 ideal for branch offices with remote workers, SOHO, IoT, and businesses with small form-factor requirements. This best-in-class firewall platform features built-in integration with cloud-native zero trust network access (ZTNA) and VPN as a service (VPNaaS) for hybrid environments and is backed by world-class technical support, available firewall management and network monitoring, and an industry-first cyber threat warranty. “The TZ80 is more than a firewall; it embodies the future of cybersecurity for managed service providers and their customers,” said SonicWall President and CEO Bob VanKirk. “With this launch, we’re transforming network security by integrating on-premise, hybrid, and cloud technologies into a cohesive solution. Our unified approach enhances security and performance while protecting customer data with modern cloud management and backed by expert services to keep our partners secure in today’s evolving threat landscape.” MSPs can complement their existing firewall monitoring and network operations center (NOC) to enhance their services with SonicWall’s managed security services, who work behind the scenes as a force multiplier for SonicWall partners. The Managed Protection Services Suite (MPSS) bundle provides management for TZ80 devices, with remote implementation, firmware and vulnerability management, and system health monitoring to help MSPs ensure that their customers employ best practices and stay up-to-date for the highest level of protection in today’s threat landscape. “We’ve been looking for a solution like the TZ80, and it’s exciting to see SonicWall deliver precisely what we need,” said President/CEO and SonicWall partner Brian A. Reed of Firewalls.com. “This opens up significant opportunities in the SOHO market for us, and the bundled cloud native VPN adds tremendous value, while the pay-as-you-go model makes it even more accessible. Additionally, the MPSS bundle enhances our offering and helps us stay focused on the core of our business, ensuring our clients stay secure.” To further enhance the value proposition, SonicWall will offer industry-first cybersecurity warranties for the TZ80 and other SonicWall front-line defense products certified by Cysurance. These warranties will help supplement insurance coverage by providing cash for covering deductibles or other out of pocket expenses before insurance kicks in. SonicWall will offer warranties for the TZ80 and other certified products as follows: $100K for a qualifying firewall $200K for a qualifying managed firewall Additionally, SonicWall is excited to introduce its latest and new "3 & Free" promotion. This promotion includes cloud native VPN licenses along with a free next-gen firewall. When purchasing a 3-year Advanced Protection Services Suite (APSS) or Essential Protection Services Suite (EPSS) customers get more than just free firewalls - they also gain comprehensive protection from latest cyber threats. SonicWall remains dedicated to equipping its partners with the tools they need to deliver security outcomes in a rapidly evolving cybersecurity landscape. The TZ80 represents a significant leap forward in delivering scalable, and integrated security solutions via our MSPs for branch offices and SOHO environments. To learn more about SonicWall’s TZ80, the full offering, new warranties and promotions please visit https://www.sonicwall.com/products/firewalls/soho. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />

Infinigate and SonicWall Expand Partnership Across Eastern Europe

SonicWall and Infinigate extend their successful collaboration to cover the Eastern European region, including Balkan countries.   Rotkreuz, Switzerland – November 6, 2024: The Infinigate Group, the leading technology platform and trusted advisor in cybersecurity, cloud and network infrastructure, and SonicWall, a leading cybersecurity innovator and partner-first company, are extending their partnership across Eastern Europe. Infinigate will distribute SonicWall’s entire advanced portfolio of network and endpoint security, Cloud Secure Edge (CSE) and Managed Security Services (MSS) offering channel partners effective solutions to meet the ever-evolving requirements of a broad customer base – from SMB through to enterprise organisations. Spencer Starkey, Executive Vice President at SonicWall said: “The Eastern European market presents a strong opportunity for growth and Infinigate, in view of our long-standing successful collaboration and their reach and experience in this geographical area, is absolutely the right distribution partner for us. Being a channel-first organisation, we value Infinigate’s specialist focus and their technical and market knowledge.” Protecting your business from escalating cyber-attacks has become a priority, as illustrated in Sonic Wall’s 2024 Mid-Year Cyber-Threat Report. Ransomware is on the rise in the Americas, while EMEA is pulling the global numbers down, suggesting improved cybersecurity measures and law enforcement interventions are having a positive impact. “We are delighted to build on our long-standing success with SonicWall and leverage the full potential of this growing region, where cybersecurity is high on the agenda, as illustrated by the NIS2 readiness statistics,” said Denis Ferrand Ajchenbaum, Chief Growth Officer at Infinigate Group and Managing Director of Infinigate Cloud. “As a leading Managed Security Services Distributor, we value SonicWall’s range of managed security services that considerably strengthen our offering in the region,” he added. Doru Manea, RVP East at Infinigate commented: Doru Manea, RVP East at Infinigate, commented: “Bringing SonicWall into our regional portfolio strengthens our ability to support our channel partners across Eastern Europe. With SonicWall’s expertise in cybersecurity, we can better equip our partners to meet the security needs of businesses in this market. Our channel reach and the strong cybersecurity culture in the region are a solid basis for our shared success” About Infinigate The Infinigate Group, the leading technology platform and trusted advisor in Cybersecurity, Cloud & Network Infrastructure covers over 100 countries across EMEA, Australia and New Zealand. In the 2023-2024 financial year the Infinigate Group revenue reached 2.3B€. Our focus and deep technical expertise on cybersecurity, secure networks and secure cloud for SMB and enterprise set us apart. Our 1,250 employees provide locally tailored services complementing a robust central supply chain, sparking growth for our partners, MSSPs and vendors. In 2022, Starlink, Vuzion (now Infinigate Cloud) and Nuvias became part of the Infinigate Group. In 2024, Wavelink became an Infinigate Group company, adding coverage for the Australian and New Zealand (ANZ) market. For additional information please visit www.infinigate.com About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
October 31, 2024

Government Organizations Face Surge in Malware and DDoS Attacks, Raising Alarms Over Potential Election Disruption

Newest report highlights some escalating risks to critical infrastructure as election day approaches MILPITAS, Calif. — October 31, 2024 — SonicWall released its latest threat brief focused exclusively on governments, reporting a staggering 236% year-over-year increase in malware-related attacks against government organizations globally during the first quarter of 2024. This alarming trend coincides with a notable 27% rise in attacks in the month leading up to the upcoming election, underscoring the urgent need for enhanced security measures. SonicWall's comprehensive threat intelligence reveals a 33% increase in attacks related to the software supply chain since the start of the year. Additionally, DDoS (Distributed Denial of Service) attacks are on track to surpass last year's figures by 32% - underscoring the escalating risks to critical infrastructure as election day approaches. “As attackers continue to attack critical government services and election-related systems, the importance of multi-layered cybersecurity measures cannot be overstated,” said Executive Director of Threat Research Doug McKee. "In a rapidly evolving threat landscape, the stakes have never been higher. We must  embrace cross-industry collaboration and threat intelligence information sharing  to ensure the integrity of our electoral processes and protect our vital infrastructure from those seeking to exploit  these systems. "  Rising Threats to Election Security The recent Hezbollah pager supply chain attack serves as a stark reminder of how easily everyday devices can be exploited to launch significant cyberattacks. As attackers target seemingly innocuous devices lacking stringent security protocols, the risk extends to critical election infrastructure. For instance, compromised IP cameras, frequently utilized at polling locales, could be weaponized or compromised to disrupt essential operations. SonicWall data highlights the pressing need for vigilance, as the company has successfully thwarted over 12.9 million attacks targeting IP cameras this year alone. These devices, often overlooked in cybersecurity strategies, present an enticing entry point for cybercriminals aiming to undermine public trust in the electoral process.  The Vulnerability of IoT Devices The growing reliance on Internet of Things (IoT) devices within government operations raises significant concerns. Many of these devices, including security systems and smart sensors, lack robust defenses, making them attractive targets for malicious actors. SonicWall emphasizes the urgent need for organizations to implement rigorous security measures to protect against the exploitation of vulnerable devices. The potential consequences of these vulnerabilities extend far beyond traditional cybersecurity threats, threatening the integrity of national infrastructure and electoral security. Call to Action As the election approaches, SonicWall urges government organizations to prioritize cybersecurity by strengthening their defenses against malware and DDoS attacks. By implementing advanced security solutions and enhancing awareness of IoT vulnerabilities, organizations can better safeguard their operations against these escalating threats. For more information about SonicWall and see the Government Threat Brief, please visit https://www.sonicwall.com/resources/brief/2024-threat-brief-government. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
September 25, 2024

SonicWall Report Details 14 Million Victims of Malware Breaches in the U.S. Healthcare Sector

SonicWall discovers 91% of healthcare breaches involve ransomware in 2024 - underscoring the urgent need for improved cybersecurity and strong partnerships with MSPs/MSSPs MILPITAS, Calif. — September 26, 2024 — SonicWall today unveiled a 2024 SonicWall Threat Brief, focused exclusively on the healthcare industry and is based on extensive research from SonicWall Capture Labs. The report reveals that a minimum of 14 million patients in the U.S. have fallen victim to malware breaches in this sector. Despite SonicWall sensors successfully preventing over 26,000 attacks, the findings underscore that healthcare organizations, due to their essential operations and potential for financial gain, remain prime targets for ransomware. Many healthcare organizations operate with limited cybersecurity resources and often rely on outdated technology – making them susceptible to ransomware attacks. SonicWall also determined that an astounding 60% of vulnerabilities were leveraged against Microsoft Exchange. "Understanding the threat landscape is crucial for the healthcare industry to effectively defend against cyberattacks,” said Executive Director, Threat Research at SonicWall Doug McKee. “As ransomware evolves and targets sensitive patient data, organizations must stay informed about emerging threats and vulnerabilities. By equipping themselves with knowledge and robust security measures, healthcare providers can better protect their critical operations and ensure the safety of patient information." Disrupting access to patient data or medical systems can have life-threatening consequences. Because of this, healthcare organizations are more likely to pay ransoms to restore operations quickly. In 2024, ransomware was leveraged in 91% of malware-related data breaches in the healthcare sector, with Lockbit emerging as one of the most notorious ransomware groups targeting this industry. The increasing digitalization of health records and telehealth services further expands the attack surface, making it nearly impossible for healthcare organizations to go it alone. Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) should play a vital role in the healthcare industry by delivering specialized expertise and resources that many organizations lack. As cyber threats become increasingly sophisticated, MSPs/MSSPs can implement robust security measures, monitor systems in real-time, and ensure compliance with regulatory standards. Their proactive approach to cybersecurity helps healthcare providers defend sensitive patient data, minimize downtime, and focus on delivering quality care, ultimately enhancing the resilience of the entire healthcare ecosystem. To learn more about SonicWall’s finding in its 2024 SonicWall Threat Brief, please visit www.sonicwall.com/resources/brief/2024-threat-brief-healthcare. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram. About SonicWall Capture Labs SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

Read More