According to the annual 2019 SonicWall Cyber Threat Report, we’re being subjected to more attacks by cybercriminals than ever before. The report provides an in-depth look at threat intelligence obtained from the company’s more than one million sensors located around the world. In 2018 there were a record-high 10.52 billion malware attacks that included 391,689 newly identified attack variants.
“Cyber perpetrators are not letting up in their relentless pursuit to illegally obtain data, valuable information and intellectual property,” said Bill Conner, president and CEO of SonicWall.
One of the ways cybercriminals have gotten around the traditional firewalls is to use Microsoft files and PDF files to deliver malware. Unsuspecting users open an attachment received in their email and unleash software code that can be devastating. SonicWall’s multi-engine found these threats in over 47,000 PDFs and almost 51,000 Office files in 2018. This is a serious and growing problem, as most security controls cannot detect these dangerous files.
Among the results, SonicWall reported that 10.52 billion malware attacks were blocked in 2018, the most ever recorded to date by the company. There was an 11 percent year-over-year increase in ransomware attacks, a 56 percent increase in web app attacks, and 3.9 trillion intrusion attempts
One of the fastest growing areas of attacks is in the area of the Internet of Things (IoT). IoT devices refer to the millions of connected devices, including thermostats, baby monitors, vacuums, routers, appliances, medical equipment, cameras, doorbells, lights, etc. Anything connected to a network.
The sale of these devices into our homes, offices, and public spaces have made them ripe for attack.The increased demand for the devices and the wide number of companies building them means that many are sold without the proper security settings, and often the IoT products are set up using the out-of-the-box security settings, making it easy to be compromised by third parties.
So how bad is it? Sonic Wall recorded 32.7 million IoT attacks in 2018, a 217.5 percent increase over the 10.3 million IoT attacks the company logged in 2017. These devices are often compromised by botnets, which are a collection of internet-connected devices, each of which is running a specific task. These botnets can then be hijacked to perform new tasks such, as sending spam, sending enough traffic to shut down some websites (denial of service), stealing data, or allowing access into a network.
Foreign-based cybercriminals are particularly going after IoT devices, because it allows them to break into U.S. networks to initiate their cyber campaigns and because their activity is less suspicious originating from a U.S. network compared to a foreign one.
What can we do to minimize these attacks? Set up all your IoT devices with a strong password and also think before you buy a connected device. Do you really need your lights to be controlled by an app or your refrigerator to email you when the icemaker is out of ice? Sometimes new gadgets make your life more complicated while making it easier for cyber criminals.