2020 SonicWall Threat Report:  Threat Actors Pivot Towards Increasingly Targeted Attacks

SonicWall, a Milpitas, California-based IT security vendor, has announced its annual threat report findings with a mixture of good news and not-so-good news.

‘Spray-and-pray’ tactics that once had malware attack numbers soaring have since been abandoned for more targeted and evasive methods aimed at weaker victims. SonicWall recorded 9.9 billion malware attacks, a six percent year-over-year decrease.

While total ransomware volume (187.9 million) dipped nine percent for the year, highly targeted attacks left many state, provincial and local governments paralyzed and took down email communications, websites, telephone lines and even dispatch services.

Meanwhile, bad actors continue to deploy ransomware on ordinary devices, such as smart TVs, electric scooters and smart speakers, to daily necessities like toothbrushes, refrigerators and doorbells. SonicWall Capture Labs threat researchers discovered a moderate five percent increase in IoT malware, with a total volume of 34.3 million attacks in 2019.

The volatile shifts and swings of the cryptocurrency market had a direct impact on threat actors’ interest to author cryptojacking malware. The dissolution of Coinhive in March 2019 played a major role in the threat vector’s decline, plunging the volume of cryptojacking hits to 78 percent in the second half of the year.

Cybercriminals also used new code obfuscation, sandbox detection and bypass techniques, resulting in a multitude of variants and the development of newer and more sophisticated exploit kits using fileless attacks instead of traditional payloads to a disk. While malware decreased 6 percent globally, SonicWall observed that most new threats masked their exploits within today’s most trusted files.

“Cybercriminals are honing their ability to design, author and deploy stealth-like attacks with increasing precision, while growing their capabilities to evade detection by sandbox technology,” said SonicWall President and CEO Bill Conner. “Now more than ever, it’s imperative that organizations detect and respond quickly, or run the risk of having to negotiate what’s being held at ransom from criminals so embolden they’re now negotiating the terms.”

The 2020 SonicWall Cyber Threat Report is the result of threat intelligence collected over the course of 2019 by over 1.1 million sensors strategically placed in over 215 countries and territories.

Channel Impact^®
The data demonstrate the continued need for channel partners to build solid security practices, either leveraging their internal expertise, or in partnership with specialized partners.