Security appliances vendor SonicWall has released a mid-year cyberthreat report, and it’s not particularly good news. Malware numbers are growing, ransomware is experiencing a resurgence after decreasing slightly in 2017, and corporate networks are facing more threats now than ever before.

The bad guys are winning, in other words, and the good guys are still stuck playing catch-up, as has been the norm since the dawn of computer viruses back in the 1971. That was “Creeper”, in case you were wondering.

In fact, so much is changing about the cyberthreat landscape – and so quickly – that this report marks the first time SonicWall has released a mid-year update to what is usually an annual report.

All of the data presented in the report was gathered by SonicWall’s own Capture Security Centre, a cloud-based intelligence that analyses and monitors cyberthreats in real-time, offering security researchers “the ultimate in visibility, agility, and capacity to govern entire SonicWall security operations and services with greater clarity, precision and speed — all from a single pane of glass.”

The report presents cyberattack trends from the first six months of the year, and includes real-world threat intelligence on malware, ransomware, encrypted attacks, chip-based attacks, and more.

Here are some of the highlights, although considering the content of the information they’re more like low-lights.

  1. Malware volume surges in 2018

There has been a 102% increase in malware volume compared to 2017. SonicWall recorded 5.99 billion attacks so far in 2018.

  1. Ransomware is back… with a vengeance

Between 2016 and 2017, attacks involving ransomware dropped from 645 million to 184 million attacks. Sadly, the first six months of 2018 have seen a “normalisation” of ransomware attacks – so far they’ve seen over 181.5 million attempts by ransomware to make some illegal side-cash, plus there have been new, more effective variants found in the wild.

One of the most famous ransomware attacks so far has been the SamSam variant aimed at the city of Atlanta in the US, where it shut down five out of 13 city departments for ten days and demanded $52,000 to restore them. SonicWall customers were protected, however, as its security appliances were already protected against the signature of the malware SamSam was based on, which was the Hidden Tear gateway.

  1. Encrypted attack numbers surge

2018 has seen a 275% increase in the number of attacks that make use of encryption to evade detection. This matches the rise in the overall amount of encrypted traffic on the internet.

  1. Real-Time Deep Memory Inspection catches more unknown malware variants

In the first bit of good news, SonicWall said that its Real-Time Deep Memory Inspection (RTDI) technology blocked more than 12,300 never-before-seen cyberattacks and malware variants in the first half of 2018.

RTDI is so good, it’s able to detect and stop malware whose “weaponry” is exposed for less than 100 nanoseconds, it can effectively mitigate Meltdown processor attacks and even stop Spectre-based attacks.

Finally, one for the good guys.

  1. Cryptojacking grows

Back to the bad news: the act of hijacking devices and co-opting their processors into mining cryptocurrencies also grew in 2018, thanks largely to the use of CoinHive, a Javascript tool used to mine the Monero cryptocurrency.

It’s delivered by compromising websites, which deliver the tool to unsuspecting smartphone/laptop/desktop users, whose devices then dedicate a portion of their processing power to mining Monero on behalf of hackers.

Since January 2018, SonicWall has detected more than 5.6 million examples of CoinHive in use.

  1. Know what you’re up against

This one isn’t bad at all (even if it is a bit scary): SonicWall wants everyone to know what they’re up against in the war against cyberthreats, and to that end has made a tool available to everyone that does that.

It’s called the “SonicWall Security Center threat meter”, and it shows a graphical view of the attacks that have taken place across the globe over the last 24 hours. It’s there to show just how fast the threat landscape moves, and to show customers and potential customers alike what their IT departments and security appliances are faced with on a daily basis.

Click here to check out the Security Center threat meter for yourself.

If you’d like to read the full report, you can find it on – and download it from – the SonicWall website by clicking here.

Contact Us

Should you wish to talk to someone at Tarsus Distribution about SonicWall’s security appliances and what they can do for your business, give the SonicWall team a ring on 011 531 1000 or send them an email.