In the first half of 2024, malware-based threats surged by 30% compared to the same period in 2023, according to SonicWall’s 2024 Mid-Year Cyber Threat Report. A notable spike occurred between March and May, with May alone seeing a 92% increase in malware attacks year-on-year. The report revealed that 78,923 new malware variants were identified in this period, translating to 526 new variants daily. Additionally, 15% of observed malware used software packing as a primary technique to evade detection.
The report highlighted that threat actors are increasingly using sophisticated malware and delivery methods to bypass common security protocols. PowerShell, a legitimate Windows automation tool, is now exploited by over 90% of malware families to evade detection and download additional malware. Despite efforts by PowerShell to restrict script execution, attackers have developed techniques to circumvent these restrictions by using local script invocations or command-line arguments.
SonicWall also observed a dramatic 107% year-on-year increase in attacks targeting Internet of Things (IoT) devices in the first half of 2024. IoT devices are frequently targeted due to their often inadequate security measures. The report noted that vulnerabilities, such as the TP-Link command injection flaw, have been extensively exploited, leading to increased use of Mirai malware for creating botnets capable of large-scale distributed denial of service (DDoS) attacks.
Ransomware attacks varied significantly by region, with North America and Latin America experiencing increases of 15% and 51%, respectively, in the first half of 2024. Conversely, ransomware attacks in the EMEA region decreased by 49%, indicating that enhanced cybersecurity measures and law enforcement efforts are making an impact. Despite the prominence of ransomware in cybersecurity news, business email compromises (BECs) are now reported at a rate of 10 times for every ransomware incident, underscoring a shift in the threat landscape.
Reference:
