According to SonicWall, we must expect a surge of ransomware and cryptojacking
Not only that: the SonicWall Cyber Threat Report 2019 shows that 2019 could see the arrival of the first malware able to exploit processor vulnerabilities such as Spectre, Meltdown, Foreshadow and Spoiler.
SonicWall is a company based in Silicon Valley that produces cybersecurity products for the corporate world, distributed to customers through its network of 400 partners. Its core market is SMEs, although lately the company has been investing heavily to grow in the enterprise sector as well.
Its catalog includes firewalls, secure access points, and solutions to protect endpoints and apps that run in the cloud. To obtain the intelligence data needed to stay ahead of cybercriminals, the company relies on the SonicWall Capture Threat Network, a network of one million "sensors" located across 215 countries that collect and analyze traffic in search of known and still-unknown threats, blocking 28 million a day on average.
It is precisely from the data acquired through the Capture Threat Network that SonicWall draws up its Cyber Threat Report annually.
SonicWall Cyber Threat Report 2019: what will be the most common threats this year?
The cyber threat report published by SonicWall agrees with other work on the subject: the number of malware attacks is increasing dramatically, rising from 8.62 billion threats detected in 2017 to over 10.5 billion last year.
The unwelcome record of most attacked country belongs to the United States, where 5 billion threats were detected, followed at a great distance by China. The latter has seen the number of attacks drop by 53% compared to 2018, but this is an isolated case: in all other countries, the trend is the opposite.
Contrary to what other researchers have hypothesized, SonicWall's sense is that, despite the sharp decline recorded by all operators, cryptojacking attacks (the unauthorized use of resources such as servers, but also ordinary smartphones or NAS devices, to mine cryptocurrencies) will be back in the news.
SonicWall's apparently contrarian position is also based on the trend in the value of cryptocurrencies such as Bitcoin, which after the annus horribilis of 2018 is regaining value, partly driven by Facebook's announcement.
For the same reason, SonicWall expects a return of ransomware, now within the reach of even less experienced hackers thanks to the availability on the black market of tools for packaging this type of attack, sold for a few hundred dollars, and of RaaS (Ransomware as a Service) offerings. The arrival of another piece of malware with destructive potential like that of WannaCry cannot be excluded.
The biggest concerns come from side-channel attacks, those that exploit hardware vulnerabilities to extract confidential information: Spectre, Meltdown, PortSmash, Foreshadow and the recent Spoiler are known vulnerabilities that will sooner or later be exploited.
How to run for cover?
As attacks become more sophisticated, exploiting encrypted protocols like SSL and TLS and relying on artificial intelligence algorithms to disguise themselves, classic solutions such as firewalls and sandbox systems may not be effective, and this is why most manufacturers of security solutions are proposing solutions based on AI.
SonicWall is no exception: it has developed RTDMI (Real-Time Deep Memory Inspection) technology and integrated it into the SonicWall Capture Cloud Platform. It is a solution that relies on machine learning algorithms to find threats that are not yet cataloged, and is able to overcome the limitations of traditional sandbox systems, which some malware is already capable of deceiving.
The system is able to block 98% of threats before they are executed: the 2% that escape the initial check are then verified inside an advanced sandbox system that can block the attacks in less than two seconds. SonicWall specifies that this solution can also block attacks that exploit hardware vulnerabilities such as Meltdown.