According to the midyear update to the 2020 SonicWall Cyber Threat Report, while the quantity of malware deployed overall is dropping, the malware that is going out is both more advanced and more targeted than ever before. The degree of sophistication displayed in some phishing and social engineering strategies proves that even if you don’t know your adversary, they certainly know you. If they’re successful in fooling you, their cyber threats are often capable of completely circumventing legacy cybersecurity solutions. These sorts of threats will often obfuscate themselves in front of security solutions, only to execute later in memory — or worse, in the CPU and hardware where you are a tenant, perhaps in a service you have in the cloud, where the hardware itself executes the code and steals your information.
And if you’re thinking only a handful of cybercriminals have access to this level of sophistication, think again.
In 2020, each month saw a significant year-over-year increase in the number of malware variants found by SonicWall Capture ATP (Advanced Threat Protection) and RTDMI (Real-time Deep Memory Inspection). Combined, they represent a full 62% increase over 2019’s first-half totals. In the first six months of 2020, Capture ATP and RTDMI found 315,395 new malware variants, including threats that do not exhibit any malicious behaviour and hide their weaponry via encryption. During this time, there has also been a whopping 176% increase in the number of malicious Office files, including some that can evade signature-based anti-malware engines and hinder sandbox debugging and analysis. These files look just like any other file you may receive through the course of your workday but can lead to data exfiltration, ransomware infections and more.