SonicWall: The digital threat environment is intensifying

Businesses worldwide should prepare for an increase in nefarious online activity, according to researchers at leading data security firm SonicWall. The organization recently analyzed insights collected from approximately 1 million sensors in 200 countries and gathered testimony from respected data security consultants to formulate a sweeping picture of the modern cybercrime landscape. Unfortunately, the resulting outlook does not bode well for enterprises. This mirrors the viewpoints of numerous other data security authorities, most of whom believe firms will face increasingly complex and voluminous threats over the coming months and years, CIO reported.

"The scope and pace of information security threats is jeopardizing the veracity and reputation of today's most reliable organizations," Information Security Forum Managing Director Steve Durbin told the magazine. "We will see increased sophistication in the threat landscape with threats being personalized to their target's weak spots or metamorphosing to take account of defenses that have already been put in place. These days, the stakes are higher than ever before."

Ransomware continues to change
Ransomware was perhaps the most talked-about data security threat in 2016 – and for good reason. Usage rates for the odious software increased 6,000 percent over that 12-month span, according to research from IBM. Cybercriminals deployed ransomware against targets of all sizes and collected more than $209 million in ransom payments, an increase of 771 percent over 2015. However, this activity tapered off in 2017 as both entities and individuals actively countered black hats seeking to extort them. Analysts at SonicWall found evidence of approximately 183.6 million ransomware attacks last year. This figure paled in comparison to the 638 million believed to have unfolded in 2016.

"SonicWall found evidence of approximately 183.6 million ransomware attacks in 2017."

That said, the ransomware circulating through digital environments in 2017 was far more advanced than the forms seen over the course of the previous year. WannaCry received the most attention in 2017 due to its role in the global cyberattack that unfolded this past May. During the event, hackers leveraged the software, a hybrid between ransomware, a Trojan and a worm, to infiltrate computers in 150 countries, including the U.K. where the National Health Service was forced to take emergency action after its computers became inoperable, according to the International Data Group. With cybercriminals using ransomware of this caliber, businesses are likely to sustain damage. In fact, internal information technology departments should be on the look out for WannaCry copies with hybrid ransomware-Trojan-worm characteristics, according to researchers at Sophos. Overall, the total number of ransomware variants is expected to grow as it has for the past three years, culminating with 2017 during which time data security specialists at SonicWall uncovered almost 3,000 types.

With this in mind, data security stakeholders at corporations of all kinds must take action and quickly. Sophos advises IT teams to back up mission-critical applications, files and web portals so these assets are available in the event that cybercriminals lockdown key online fixtures. The organization also advised employees to exercise extreme caution when dealing with email attachments and avoid using macros with such content as these shortcuts make it easier for ransomware to enter enterprise networks. Perhaps the most effective thing businesses can do to protect themselves from ransomware attacks is to patch applications. Internal IT teams that can effectively implement these data security strategies may be able to mitigate the impact of increasingly complex ransomware types.

Cryptocurrency brings new risks
Between 2.9 million and 5.8 million consumers managed cryptocurrency wallets in 2017, according to research from the Judge Business School at the University of Cambridge. An estimated 79 percent of payment companies supported these users, leveraging bleeding-edge open ledger technology to support the use of decentralized tender. This widespread embrace of cryptocurrency, which continues to accelerate, is poised to transform commerce across numerous sectors. However, this development creates risk as digital currencies such as bitcoin are, by their very nature, open to theft by cybercriminals. In fact, these nefarious coders have developed a number of different methods for invading cryptocurrency caches and wallets.

Wallets are the primary targets for outside actors looking to steal cryptocurrency. They do this by stealing the unique credentials to these accounts via malware, according to IDG. Hackers also target cryptocurrency transfers through specialized Trojans that resemble genuine accounts but are really just stand-ins for fake purchasers or sellers. While these threats certainly seem serious, it's possible to underestimate their danger because they only appear applicable to financial institutions, retailers and other organizations participating directly in the digital payment space. This is not the case.

Blockchain, the underlying open-ledger technology that bolsters bitcoin, has become a popular IT solution among enterprises due to its ability to ensure transactional security for a wide array of online assets. Organizations worldwide are expected to spend more than $2 billion on the technology this year alone, according to the International Data Corporation. The cybercriminals targeting these tools in cryptocurrency theft schemes could theoretically reuse hacking techniques for enterprise installations. 

The rise of the malware cocktail
Like cybercriminals developing and deploying ransomware, hackers leveraging more traditional malware are searching for ways to diversify their attack vectors and amplify their impact. This has led to the creation of so-called malware cocktails, according to SonicWall. These multifaceted programs are constructed on existing malware but feature new components capable of surmounting even the most updated digital defenses. Additionally, the almost modular nature of these cocktails makes them incredibly easy to produce, allowing for further developmental democratization within the cybercriminal world and, of course, an enormous volume of malware iterations. Researchers from SonicWall discovered 56 million different types of malware over the course of 2017, most of which fell into the growing cocktail category.

So far this year, the data security firm has come across 35,000 new variations, or approximately 715 per day. The popularity of the malware cocktail is certainly fueling this activity and will most likely continue to do so over forthcoming months and years.

"So far this year, the data security firm has come across 35,000 new variations in 2017."

The IoT flashpoint
Businesses are adopting wireless technology at breakneck speed in an attempt to reap the benefits that accompany organization-wide connectivity. An estimated 29 percent of modern businesses are currently using connected devices and platforms associated with the internet of things, according to research from Vodafone. Almost 100 percent of these adopters have seen tangible benefits post adoption, including operational transformation and revenue growth. With these proven outcomes in play, the enterprise IoT will continue to grow. However, implementers must address the one major challenge that comes with embracing IoT innovation: security.

The billions of active IoT devices in use today double as backdoors to hackers, who can leverage the latest attack vectors to infiltrate them and all of the networks with which they are associated. Even devices with highly secured hardware components designed to protect login credentials, bank account details and other precious personal information are vulnerable to the skilled black hats specializing in IoT, according to SonicWall. In January, data security researchers came across a processor vulnerability called Meltdown that allows cybercriminals to enter these offline mobile data caches and extract the information within them. While the exploit alone struck fear into data security experts, the secretive way in which it was discovered and used caused considerably more panic.

"Threat actors have been so far ahead of the game they've been able to create highly evasive malware without the greater industry even knowing," SonicWall CEO Bill Conner explained. 

The Mirai strain of malware is another product of this push by cybercriminals to exploit the IoT. The software, which centered on a massive botnet, powered various types of IoT devices, managed to take down a French telecommunications provider and then, in the fall of 2016, the internet performance management firm Dyn, Wired reported. The latter strike crippled internet users' connections on the East Coast of the U.S. In addition to creations like Mirai, hackers are exploring IoT-specific ransomware. A large number of wireless devices come equipped with operating software ripe for exploitation, according to SonicWall. Many data security experts believe it is only a matter of time before hackers develop viable methods for invading these fixtures and wreaking havoc on enterprise IoT infrastructure.

With these data security threats in play, businesses must act quickly to protect their digital assets and the mission-critical operational workflows they support. SonicWall advises organizations to implement multilayered data security protections, including advanced firewalls, email defenses and application development sandboxes. The firm also promotes the use of automated platforms designed to analyze intrusions and send key insights to IT stakeholders. However, prior to adopting these systems, some enterprises may need to upgrade their existing infrastructure via IT modernization efforts.

The team at Inventu Corporation can help with such improvements. Our innovative Flynet Viewer simplifies screen integration, easing the modernization process while meeting employer and staff expectations in a way that feels both familiar and simple. Review our product page to learn more about the Inventu Flynet Viewer and the other solutions in our extensive product portfolio