Network detections in EMEA quadrupled, and malware was detected at almost twice the rate of the rest of the world.
April 5, 2022 – WatchGuard® Technologies’ latest quarterly Internet Security Report shows the highest number of evasive malware detections, with high threats increasing by 33%, suggesting an unprecedented level of day-to-day threats.
Researchers at the WatchGuard Threat Lab detected malware threats in EMEA at a much higher rate than in other regions worldwide in Q4 2021, with malware detections per Firebox at 49%, compared to America at 23% and APAC at 29%. Network intrusion detections also continued to rise, reaching the largest total number of detections in any quarter over the past three years, with a 39% quarter-over-quarter increase. Researchers suggest that this may be due to the continued focus on old vulnerabilities as well as the growth of organizations’ networks. As new devices come online and old vulnerabilities remain unchanged, network security becomes more complex.
“The ongoing move to a hybrid workforce is making surfaces more aggressive and creating more potential security holes for organizations to plug in,” says Corey Nachreiner, chief security officer at WatchGuard. “With the highest level of zero day threats we have ever recorded and an attack surface that extends well beyond the perimeter of the network to IoT, home networks and mobile devices, companies need to adopt a truly unified security approach that can adapt quickly and efficiently for the growing threat landscape. Organizations should commit to implementing simple but critical measures such as regularly updating and patching systems so that they do not become hacker-enabled.”
Other key findings from this Internet Security Report include:
- 78% of malware delivered via encrypted connections is evasive – Overall, 67% of malware detections came over an encrypted connection, and within those malware detections, 78% were zero day malware threats that evade basic detection. This follows a trend seen in previous quarters. These threats can often be stopped at the perimeter by setting firewalls to decrypt and scan incoming traffic – a step that many organizations unfortunately do not take.
- A new leader emerges in Office exploit malware – Q4 2021 saw a significant amount of malware targeting Office documents, similar to results from Q3. CVE-2018-0802 remains on the top 10 malware list, landing at number 5 this quarter, up from last quarter, and remains on the most prevalent malware list. Researchers suspect that this may have replaced CVE-2017-11882 as the leading Office exploit.
- Emotet returns with a vengeance – Two new malware domains were added this quarter to the list of major malware domains detected by WatchGuard. One of these domains, Skyprobar[.]info, is linked to Emotet, the banking trojan that has emerged as C2 and distribution infrastructure malware for other payloads. After declining due in part to direct interference from U.S. law enforcement, the Emotet malware re-emerged in Q4 2021.
WatchGuard’s quarterly research reports are based on anonymized Firebox Feed data from active WatchGuard Fireboxes whose owners have chosen to share their data to directly support the Threat Lab’s research efforts. In Q4, WatchGuard blocked more than 23.9 million malware variants (313 per device) and almost 5.9 million network threats (75 per device). The full report includes details on additional malware and network trends from Q4 2021, a detailed Log4Shell vulnerability analysis, recommended security strategies and critical protection tips for businesses of all sizes and in any sector, and more.
For a detailed overview of WatchGuard research, read the complete Q4 2021 Internet Security
WatchGuard’s New Report on Laboratory Threat of Network Attacks Highlights Over Three Years –