IT For CEOs & CFOs
WatchGuard reports malware surge
The UK is the top target for malware, according to the latest report from WatchGuard (www.watchguard.com). In Q1 2020, 67% of all malware was delivered via encrypted HTTPS connections, and 72% of that encrypted malware was classified as zero day, so it would have evaded signature-based antivirus protection.
These are the findings of the WatchGuard Internet Security Report (www.watchguard.com/wgrd-resource-center/security-report-q1-2020), which shows that without HTTPS inspection of encrypted traffic and advanced behaviour-based threat detection and response, organizations are missing up to two-thirds of incoming threats. The report also highlights that the UK was a top target for cyber criminals in Q1, earning a spot in the top three countries for the five most widespread network attacks.
“Some organizations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option,” says Corey Nachreiner, chief technology officer at WatchGuard.
“As malware continues to become more advanced and evasive, the only reliable approach to defence is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”
Other key findings from WatchGuard’s latest Internet Security Report include a surge in the popularity of Monero cryptominers, as well as the Flawed-Ammyy and Cryxos malware variants. Cryxos is delivered as an email attachment disguised as an invoice and asks the user to enter their email and password, which it then stores. Flawed-Ammyy is a support scam where the attacker uses the Ammyy Admin support software to gain remote access to the victim’s computer.
“Q1 2020 was only the start of the massive changes to the cyber threat landscape brought on by the COVID-19 pandemic. Even in these first three months of 2020, we still saw a massive rise in remote workers and attacks targeting individuals,” comments Nachreiner.