SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Firewall
WatchGuard report: 30% of all malware isn’t caught by legacy AV
Mon, 8th May 2017
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor
Follow us

WatchGuard's latest Quarterly Internet Security Report says that 30% of malware attacks are new or zero day exploits, which means antivirus solutions that rely on previous signatures are missing a huge chunk of the cyber threat landscape.

The Quarterly Internet report, based on analytics from WatchGuard's Threat Lab, looks at the latest security and network threats affecting small businesses and enterprises.

In Q4 2016, WatchGuard blocked 30.4 million network attacks and 18.7 million malware variants.

The APAC region fared reasonably well, accounting for 6% of malware attacks and 1% of network attacks. However, all of the top ten Word macro malware variants primarily affected China and the United States.

“Our Threat Lab has been monitoring the most prevalent security industry threats and trends for years and now with the addition of the Firebox Feed—anonymised threat analytics from Fireboxes deployed around the world—we have firsthand, acute insight into the evolution of cyber attacks and how threat actors are behaving,” comments WatchGuard CTO Corey Nachreiner.

The report found that because 30% of malware is new and undetected by legacy AV solutions, it shows that cyber criminals' ability to hide or repack their creations is outpacing the security industry's efforts to keep up with them.

WatchGuard says that without an advanced threat protection solution, organisations would fail to detect a third of all malware.

Here are some of the major trends from the Quarterly Internet Security Report:

  • Macro-based malware is still doing the rounds. This include spear-phishing emails that include documents with malicious macros. Attackers have also included Microsoft's new document format as part of their arsenal.
  • Attackers are looking at banks as popular targets for evasive malware. They're also using malicious web shells and PHP shells to hijack web servers.
  • JavaScript is still highly vulnerable, as it is still a popular malware delivery platform for exploit kits. WatchGuard says its Firebox feed saw a jump (STATS) in malicious JavaScript across email and the web.
  • Network attacks are going after web services and browsers - 73% of attacks target web browsers in drive-by downloads.
  • Trojans are increasingly going after IoT devices running Linux systems.
  • The Mirai botnet attacks showed that IoT devices should never be connected directly to the internet.

So how do organisations protect against attacks? WatchGuard has some basic tips.

  • Keep security best practices and firewalls in addition to more advanced threat protection
  • Consumers should only buy IoT devices from manufacturers who consider security. IoT devices should also be kept up to date with the latest firmware and software
  • Use layered, Kill Chain defences to protect against all possible attack vectors and stages
  • Educate employees about the latest security threats - such as Office documents loaded with malicious macros
  • Choose an advanced malware prevention solution, such as WatchGuard APT Blocker. 
Want to find out more? Download the full report here.
Related stories
Spirent partners with online payments platform to boost cyber defenses
Axis unveils hybrid cloud platform for adaptable security solutions
Cisco launches Hypershield for AI-driven security upgrade
Keeper Security launches user-friendly passphrase generator
How attackers target security blind spots: Three real-life lessons from the SOC
Top stories
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services
Business leaders anxious over data security – report
Half of online traffic in 2024 generated by bots, report finds