News &
Information

How AI Will Determine The Future Of Malware

AI may soon be an organization's best and only defense against increasingly dangerous malware. Learn why.

Network Attacks Hit A Three-Year High: How Should Employers Respond?

As workers return to the office, the rate of malware detection has increased. We examine the risks facing employers.

Beyond Passwords: Three Big Ideas To Improve Cyber Defenses

New ways of thinking about increasingly sophisticated cyber threats are needed to meet those challenges. Learn more.

The Russian-Ukraine Conflict And The Rise Of Phishing Campaigns

Cybercriminals use current events, like the Russia-Ukraine conflict, to commit their crimes. Learn about the latest cyber risk.

Network Attacks Hit A Three-Year High: How Should Employers Respond?

July 28, 2022

The CSO at internet security company WatchGuard Technologies recently discussed a high-level summary of its Internet Security Report for Q4 2021, which revealed that all types of threats increased over 40 percent from the previous quarter.

When the pandemic started, observers note a big drop in malware being detected by network security devices, which suggested that as tech-based jobs moved to remote work, many employees were no longer using organizational resources to access the internet. This was likely the main reason employers' networks noted a drop in malware attacks via employee workstations. However, network attacks continued to rise through the pandemic, since the servers still lived at the offices and in the cloud, and network security still protected those.

In Q4 2021, observers noted an increase in the number of malware threats directed at the user level. Some of this may be because of the normal holiday shopping season, but most likely, the returning of workers to the office is the likely explanation for the increase in corporate detection rates. "Network attacks increased to a 3-year high" www.helpnetsecurity.com (Apr. 26, 2022).

Commentary

WatchGuard also noted that among browser-based malware threats, by far the most targeted was the now obsolete Microsoft’s Internet Explorer (IE). This was so even though IE has one of the lowest user rates among major browsers. Chrome’s market share is at least 70 percent, followed by Safari, Firefox, and Microsoft Edge. IE has less than one percent market share.

The Report noted a decrease in the incidents of ransomware, but crypto-mining malware remained relatively steady.

Finally, it noted a high incidence (66 percent) of zero-day malware infections still exists. This is malware that gets past signature-based protection defenses because in and of itself, it does nothing to attract the attention of the security software. Instead, once operational, it uses built-in operating system files to accomplish its work. Moreover, about 67 percent of that zero-day malware arrives over encrypted

(secure web) connections, often the result of successful phishing attempts. This suggests threat actors are focusing even more on evasion than sophistication.

All of these reports suggest that the threat environment facing employers has increased, but many of the more severe threats can be addressed through continued training and the following of well-thought-out security protocols. Using updated and more secure internet browsers is strongly suggested. Finally, the continued use of evasion tactics by the majority of malware suggests reliance on traditional signature-based defenses may not be the best long-term solution. Instead, the use of real-time or AI-based defenses may be the best option.

Finally, your opinion is important to us. Please complete the opinion survey: