Research
Report Final Point Malware and Ransomware are at the peak of 2020 in the first three quarters of 2021.
According to a new Internet security report from Global Network Security and Intelligence Service Provider Technologies, the last three quarters of the year 2021 saw the highest number of malware and phishing attacks in 2020.
The report, which highlights the trends of malware and network security threats for Q3 2021, is based on an analysis by WatchGuard Threat Lab researchers. WatchGuard said in a news release: “While the overall measurement of malware detection has declined over the past quarter, endpoint malware detectors exceeded the total volume of 2020 (data yet to be reported in Q4 2021)” WatchGuard said in a statement. As “high percentage” malware continues to infiltrate encrypted communications, a trend that has been seen over the past quarter.
“While the total number of network attacks decreased slightly in Q3, malware has increased for the first time since the outbreak began,” said Cory Nachrenner, chief security officer at WatchGuard. “So far this year, the security situation has remained challenging. It is important for organizations to focus on trends that focus on the safety of short-term challenges and special standards.
Significant findings from the report include:
Nearly half of Zero Day Malware is accessed by encrypted connections. Malware coverage for transportation layer security increased from 31.6 percent to 47 percent. “The low percentage of encrypted zero-days is considered to have improved, but WatchGuard data indicates that many companies are not resolving these connections and therefore are still concerned about the low visibility of hitting malware networks,” the report said.
As users update Microsoft Windows and Office, attackers are focusing on new vulnerabilities “In Q3, CVE-2018-0802 – a vulnerability in the Microsoft Office Formula Editor – it hit the WatchGuard Top 10 Gateway Virus Malware with a volume list, number 6, and cracked after appearing in the most widespread malware list in the past. A quarter, ”the report said. “Also, two Windows Code Injuries (Win32 / Heim.D and Win32 / Heri) are included in the most common list in numbers 1 and 6.”
Attackers targeting Americans disproportionately Network attacks targeting the US account for 64.5% of Q3 threats. Europe accounted for 15.5% and APAC 20%.
Top 10 Network Attack Signatures Behind Most Threats Of the 4,095,320 hits in Q3, 81% were signed for the top 10. “In fact, in Q3 there was only one new signature in the top 10, ‘WEB Remote File Inclusion / etc / passwd’ (1054837), which is old but still widely used in Microsoft Internet Services (IIS) Web servers.” “A signature (1059160), SQL injection, continues to hold the top of the list since the beginning of 2019.
Script attack attacks continue at record speed By the end of Q3, WatchGuard’s AD360 threat information and endpoint detection and response recorded 10% more attack scripts than last year. When hybrids start to look like rules instead of differences, strong perimeter is not enough to stop threats.
Even trusted domains can be violated Automated access to the Microsoft Exchange Server allows protocol vulnerabilities in attackers to collect domain credentials and corrupt many trusted domains. “Overall, in Q3, Wachgard Firebox blocked 5.6 million malicious domains, including several new malware domains for cryptocurrency, key loggers and remote access trojans, as well as phishing domains, such as SharePoint, to collect Office365 login credentials,” the report said. “This demonstrates the critical need for organizations to focus on updating servers, databases, websites and systems with the latest fixes to limit vulnerabilities to exploit attackers.”
Continuing to add Ransomware A.D. After the 2020 deficit, Ransomware attacks reached a total of 105% by 2020 by the end of September 2021, and all data for the 2021 data were fast approaching 150%. “Ransomware-as-a-service Operations continues to downgrade criminals to less or less capable criminals by providing infrastructure and malware loads to respond to the ransom,” the report states.
WatchGuard’s quarterly research reports are based on the anonymous data of Wachgard Firebox, which you choose to share information to provide direct support to the threat research efforts. In Q3, WatchGuard blocked a total of over 16.6 million malware variants (454 per device) and more than 4 million network threats. Visit the WatchGuard website to view the full report.
About the author
Crystal Quintal Editor, 1105 Media Education Group. It can be found on her [email protected].
.