Thirty percent of malware can be classified as new or zero-day because it cannot be caught by legacy antivirus solutions, according to research published in WatchGuard’s first Quarterly Internet Security Report, which explores the latest computer and network security threats affecting SMBs and distributed enterprises.
The results from Q4 2016 confirm that cyber criminals’ capability to automatically repack or morph their malware has outpaced the AV industry’s ability to keep up with new signatures. This means that without advanced threat prevention, companies could be missing up to a third of malware.
The WatchGuard report also shows that old threats are reappearing and macro-based malware is still prevalent. Spear-phishing attempts still rely on malicious macros hidden in files including Microsoft’s new document format, while attackers also still use malicious web shells to hijack web servers. It appears that PHP shells are alive and well, as nation-state attackers have been evolving this old attack technique with new obfuscation methods.
Other findings in the WatchGuard Q4 2016 report include:
- Most network attacks were aimed at web services and browsers, with 73 percent of the top attacks targeting web browsers in drive-by download attacks.
- All of the top ten exploits were web-based attacks and the top network attack was Wscript.shell Remote Code Execution that targets Internet Explorer (IE). But strangely, this attack almost entirely affected Germany alone. Breaking it down country by country, it targeted Germany 99 percent of the time.
The new Quarterly WatchGuard Security Report covers top network and malware trends and examines the most notable cybersecurity stories, details new research from the WatchGuard Threat Lab and provides practical defence tips for security professionals.
The findings in the report are based on anonymised Firebox Feed data from WatchGuard’s 24,000 active unified threat management (UTM) appliances worldwide.