Fileless malware attacks and cryptominers are coming back in force, while ransomware attacks are on the decline.
This is according to WatchGuard Technologies' new Internet Security Report for Q4 2020.
Among its most notable findings, the report reveals that fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019.
Additionally, the WatchGuard Threat Lab found that Q4 2020 brought a 41% increase in encrypted malware detections over the previous quarter and network attacks hit their highest levels since 2018.
WatchGuard's report looked more closely at various trends and attack types, including fileless malware, cryptominers, ransomware, encrypted and evasive malware, botnet malware, supply chain attacks, trojan dupes and network attacks.
Fileless malware rates in 2020 increased by 888% over 2019.
According to WatchGuard, these threats can be particularly dangerous due to their ability to evade detection by traditional endpoint protection clients and because they can succeed without victims doing anything beyond clicking a malicious link or unknowingly visiting a compromised website.
Toolkits such as PowerSploit and CobaltStrike allow threat actors to easily inject malicious code into other running processes and remain operational even if the victim's defences identify and remove the original script.
Deploying endpoint detection and response solutions alongside preventative anti-malware can help identify these threats.
After virtually all cryptocurrency prices crashed in early 2018, cryptominer infections became far less prevalent and reached a low of 633 unique variant detections in 2019.
According to the researchers, attackers continued adding cryptominer modules to existing botnet infections and extracting passive income from victims while abusing their networks for other cyber crime.
As a result, and with prices trending upward again in Q4 2020, the volume of cryptominer malware detections climbed more than 25% over 2019 levels to reach 850 unique variants last year.
For the second year in a row, the number of unique ransomware payloads trended downward in 2020, falling to 2,152 unique payloads from 4,131 in 2019 and the all-time-high of 5,489 in 2018.
These figures represent individual variants of ransomware that may have infected hundreds or thousands of endpoints worldwide.
The majority of these detections resulted from signatures originally implemented in 2017 to detect WannaCry and its related variants, showing that ransomworm tactics are still thriving over three years after WannaCry burst onto the scene.
The steady decline in ransomware volume indicates the attackers' continued shift away from the unfocused, widespread campaigns of the past toward highly targeted attacks against healthcare organisations, manufacturing firms and other victims for which downtime is unacceptable, WatchGuard states.
Encrypted, evasive malware
Despite being the fourth consecutive quarter of decreasing malware volumes overall, nearly half (47%) of all attacks WatchGuard detected at the network perimeter in Q4 were encrypted.
Additionally, malware delivered via HTTPS connections increased by 41%, while encrypted zero day malware (variants that circumvent antivirus signatures) grew by 22% over Q3.
Botnet malware targeting IoT devices and routers
In Q4, the Linux.Generic virus (also known as The Moon) made its debut on WatchGuard's list of top 10 malware detections.
This malware is part of a network of servers that directly targets IoT devices and consumer-grade network devices like routers to exploit any open vulnerabilities.
WatchGuard's investigation uncovered Linux-specific malware designed for ARM processors and another payload designed for MIPS processors within the attacker's infrastructure, indicating a clear focus on evasive attacks against IoT devices.
Supply chain attacks
The sophisticated, allegedly state-sponsored SolarWinds supply chain breach will have wide implications throughout the security industry for years to come, WatchGuard states.
Its effects spread far beyond SolarWinds to almost 100 companies, including some major Fortune 500s, big security companies, and even the U.S. government.
WatchGuard's detailed incident breakdown showcases the importance of defending against supply chain attacks in today's interconnected digital ecosystem.
New trojan dupes
Trojan.Script.1026663 made its way onto WatchGuard's top five most-widespread malware detections list in Q4.
The attack begins with an email asking victims to review an order list attachment. The document triggers a series of payloads and malicious code that ultimately lead the victim machine to load the final attack: the Agent Tesla remote access trojan (RAT) and keylogger.
Total network attack detections grew by 5% in Q4, reaching their highest level in over two years, the report shows.
Additionally, total unique network attack signatures showed steady growth as well with a 4% increase over Q3.
This shows that even as the world continues to operate remotely, the corporate network perimeter is still very much in play as threat actors continue to target on-premises assets.
WatchGuard chief technology officer Corey Nachreiner says, "The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections.
"The attacks are coming on all fronts, as cyber criminals increasingly leverage fileless malware, cryptominers, encrypted attacks and more, and target users both at remote locations as well as corporate assets behind the traditional network perimeter.
"Effective security today means prioritising endpoint detection and response, network defences and foundational precautions such as security awareness training and strict patch management."
See the original post here:
WatchGuard uncovers top cyber threat trends of Q4 2020 - SecurityBrief New Zealand