Study finds malware is on the decline, IoT and ransomware attacks skyrocketing
By Max Burkhalter, July 27, 2020
As business technologies continue to transform operating models across the world, companies are required to devote significant resources to protecting their IT assets and warding off external threats. For years, malware was considered the most destructive and common source of data breaches and security incidents.
However, a new study from SonicWall discovered that malware attacks have declined globally by 24% in the first six months of 2020, while ransomware has seen a 109% increase in the U.S. over the same period. These findings suggest that companies must diversify their cybersecurity practices to mitigate the effects of non-malware vulnerabilities and attack methods.
The shifting malware landscape
Despite the recent decline in malware activity, SonicWall warns businesses that these types of attacks aren't going anywhere. According to data from the IT security firm AV-TEST, the company registers more than 350,000 new malicious programs and unwanted applications each day. Many of these malware strains are modified versions of older programs, such as ZeuS, Kovter, Dridex and others, which have been repurposed for use in targeted attacks against enterprise-level businesses.
As the SonicWall researchers noted in their report, "[malware] attacks are both more tactical and more targeted than ever, giving them a greater chance of success." For example, the study found that new malware attacks "disguised" as Microsoft Office file types have increased 176% during the observed period. Considering malware is the most costly type of cyberattack for businesses - resulting in an average $2.6 million in annual spend per company, according to a 2018 report from Accenture and the Ponemon Institute - there's a clear need for more robust threat detection and mitigation protocols.
Ransomware and IoT attacks surge
To understand why ransomware is on the rise, it's important to put modern IT initiatives in context. The push for digital transformation has created, in many cases, an IT overload for businesses. Since each piece of software and physical endpoint represents a possible attack vector, hackers have a variety of options for delivering ransomware to critical systems. As enterprises incorporate more devices and applications into their networks, they often expand their attack surface and foster a deep reliance on these technologies. Cybercriminals capitalize on this IT dependency by locking down critical workstations, control servers and other IT systems that are vital to a company's daily operations. This not only amplifies the potency of a potential security issue, it also increases the likelihood that organizations will pay the ransom.
In 2019, the total cost of ransomware attacks stood around $7.5 billion, with a typical recovery time of 287 days, per research from the cybersecurity developer Emsisoft. These incidents, however, can lead to major operational losses that extend far beyond economic factors, especially for organizations in the health care industry. For example, during a ransomware attack against a medical facility, patients in emergency care must be redirected to other hospitals. In other scenarios, a hacker might completely lock down patient medical records, forcing the facility to reschedule appointments and delay critical test results.
Beyond ransomware, SonicWall's study also discovered that attacks against IoT devices have increased 50% over the analyzed period. This is, at least in part, a result of the rapid transition to work-from-home environments spurred on by the COVID-19 pandemic. The biggest threats come from unsecured IoT devices and internet-connected equipment that aren't present in IT management platforms. Known as "shadow IoT," these unmonitored devices can easily be taken over with sophisticated malware and added to massive botnets for use in large-scale DDoS attacks.
How prevalent is this issue? One survey from Infoblox, an IT security and automation company, found that 78% of respondents had more than 1,000 shadow IoT devices connected to their private networks on any given day, while 28% had between 1,000 and 2,000. To offset the risk of widespread malware and ransomware attacks, organizations will need to improve their visibility and control over devices, business applications, networking tools and more.
The path forward
The best way to stay ahead of these and other cyberthreats is for companies to embrace a multi-pronged strategy that incorporates threat detection software, real-time device monitoring, edge computing and cybersecurity training. Rather than focusing on particular vulnerabilities, IT leaders should create a documented system for identifying, analyzing and mitigating a wide range of traditional and emergent attack vectors, including:
- Phishing scams
- Malware distribution
- Ransomware attacks
- Infected links and web-based operations
- Denial of service attacks
- Data breaches
One of the main components of a strong cybersecurity strategy is reliable networking tools, which are especially important for environments that use a myriad of IoT sensors, devices and equipment. By constantly refining their network infrastructure, organizations can build sustainable computing environments that can be scaled to their future needs and insulated from external threats.
Perle offers industrial-grade connectivity tools that can help businesses improve the integrity, security and reliability of their critical systems and data. Our powerful SFP optical transceivers and console servers provide instant fiber connectivity for your networking gear, ensuring you can keep up with the shifting threat landscape.