Dell SonicWALL threat researchers uncover nearly 80 billion incidents of post infection malware activity

Threat researchers discover trends in attack strategies and explore vulnerabilities in top industry products.

  • 10 years ago Posted in

The Dell SonicWALL Threat Research Team has released its annual threat report, revealing significant findings from calendar year 2013, focusing on trends in zero-day vulnerabilities and new cybercriminal tactics. The annual report is based on data collected by the Dell SonicWALL Global Response Intelligent Defense (GRID) Network, a threat intelligence network with over 1 million sensors that monitors traffic for emerging threats around the globe.


The findings in this report are based on the ongoing security research conducted by the Dell SonicWALL Threat Research Team. Key findings for calendar year 2013 include:
· Post-infection malware activity: At 78 billion hits globally, remotely accessed malware opens the door to risk that can cause significant damage before organisations are able to quarantine and remediate.
· There were 14 reported zero-day vulnerabilities in 2013: Browser-based attacks lead the list with Java being the number one targeted application, followed closely by Internet Explorer, and Adobe Flash Player. Other notable zero-days targeted Adobe Reader and the Windows operating system.
· Increase in threats using SSL encryption: Dell SonicWALL threat researchers witnessed a rise in bots relying on SSL-encrypted communication to Command and Control servers. This is designed to evade detection by disguising communication in an encrypted session.
· Death of BlackHole: 2013 also saw the end of the BlackHole exploit kit with the author’s arrest in October. As a result, the SonicWALL Threat Research Team expects 2014 to bring an increase of new exploit kits discovered in the wild.
· Advent of sophisticated Ransomware: For the first time, in 2013, SonicWALL threat researchers saw cybercriminals begin to deploy more robust ransomware that leverages asymmetric-key encryption to encrypt critical data on infected machines. They observed a new Cryptolocker Trojan that, unlike traditional Ransomware, leaves system access intact but encrypts various documents and executables found on the system.
Top IT security predictions for 2014 as a result of this data include:
- Hybrid malware on the rise: Sophisticated malware that infects both mobile and desktop systems is expected to increase. Android will still be the leading platform for mobile device and will continue to be the focus for many cybercriminal attacks.
- New targets on Windows: Windows XP – one of the top 15 affected products in 2013 – will continue to realise a surge of attacks as its support life cycle is ending in 2014. Organisations that do not migrate to a newer version of Windows and continue to use Windows XP are especially vulnerable without Microsoft support and patching. Researchers also expect to see exploits targeting Windows 7/8 to increase in 2014.
- Evolution of Bitcoin malware: As bitcoin gains in popularity and value, cybercriminals have once again set their target on obtaining the digital currency through malicious activities. In late 2013, SonicWALL researchers observed an increase in bitcoin-mining botnets, which were designed to hijack computing power to mine for bitcoins with zero hardware or energy expenses to the criminal operation. We expect this trend to continue well into 2014 as long as the value of bitcoin remains high.
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...