In Australia, the head of the local intelligence
agency was recruited to inform universities about
cyber threats and ways of prevention. This was
one of the initiatives put in place after an
extremely sophisticated threat actor
compromised the Australian National University
(ANU) and persisted within the university’s
network for months at a time.
In 2019, there was an increase in ransomware
used in targeted attacks toward state, provincial
and local governments, as well as large
corporations.
Attacks have ranged from hospitals, police
stations and educational institutions to
aluminum factories (Norsk Hydro, Norway) and
power grids (City Power, Johannesburg).
“In a modern, citizen-centric environment,
successful ransomware attacks are highly
disruptive,” SonicWall President and CEO Bill
Conner wrote for Forbes.
The shuttering of the Coinhive mining operation in March 2019 dealt a devasting blow to the nefarious cryptojacking racket that abused the service.
Coinhive was not inherently malicious; it was an alternative method for websites to earn revenue instead of showing advertisements.
Mirroring how malware is being leveraged,
cybercriminals are being more targeted with
phishing than ever before, too. So much so,
SonicWall Capture Labs threat researchers
recorded a 42% decline in overall phishing
volume, the third straight year the attack vector
declined.
Introduction of SASE
The cybersecurity and network security solution spaces
are highly segmented with an endless number offerings
and vendors. This creates a massive headache forCyber
organizations trying to smoothly integrate these
solutions into their network environment.
For decades, protecting networks was entirely focused
on defining perimeters and setting up defense layers to
keep threats out. And for years, this approach served
businesses well, with finite exposure points and attack
vectors that were guarded with some investment and
adherence to established best practices and frameworks.
Tracking the evolution of malware strains
The collective power of Capture ATP and RTDMI
also helps SonicWall Capture Labs threat
researchers track the evolution of malware
variants — even when authors obfuscate their
payloads, such as using scripts inside of archives.
PDFs, Microsoft Office files among top new file types
In 2019, SonicWall observed that most new threats are
based on malicious PDFs or Office files, followed by Archives.
PDF files are popular because they are searchable, can be viewed on any device, are easy to create and may be encrypted for security, password-protected and/or digitally signed for authentication.
By forcing malware to reveal its weaponry in
memory, RTDMI proactively detects and blocks
mass-market, never-before-seen threats and
unknown malware, including attacks against
processor vulnerabilities and malicious PDFs and
Office files.
What are ‘never-before-seen’ malware variants?
SonicWall tracks the detection and mitigation of
‘never-before-seen’ malware.
In many cases, zero-day vulnerabilities are
patched, fixed or otherwise mitigated before
attacks can cause serious damage. Unfortunately,
the inverse is also true. In 2019, SonicWall
recorded and analyzed the top 10 CVEs that
were exploited “in the wild.