This document discusses cybersecurity trends for 2020 based on a presentation by Cosmin Vilcu of SonicWall. Some key points include:
- Increased automation in cybersecurity is expected to help address skills gaps and improve efficiency, though automated tools still require skilled staff.
- 5G and the growth of IoT devices will expand security risks as more devices are connected but exposed online.
- Shadow IT and cloud threats will be growing concerns, with 33% of attacks predicted to be on shadow IT assets and 80% of new cloud security deals bundled with other security tools.
- Cybersecurity budgets and investments are increasing significantly to address rising threats and complexity in securing organizations.
4. The Global Risks Landscape
2019
Source: World Economic Forum Global Risks Perception Survey
2018–2019.
5. Verizon predictions for 2019
• Contextual privacy will be front and center
• Automation will transform the workforce: Robotic process automation and
machine learning (ML) will transform how business operates
• We’ll go back to basics on security (again), but also focus on specifics: In 2019,
organizations will redouble their efforts to strengthen their security posture. It’s
about understanding their risk environment, and ensuring they are doing the
basics right to protect their business; practicing IT hygiene to keep
infrastructure current to protect against vulnerabilities continues to be critical.
6. Dangerous Memory Threats & Side-Channel Attacks
Side-channel attacks will be an
ongoing risk to the computing
landscape, which will make
technology that can mitigate these
attacks a critical requirement.
“Spectre is here to stay.”
Google Researchers | February 2019
Processor Vulnerabilities
ZombieLoad
7. MID-YEAR UPDATE | JULY 2019
2019 SONICWALL
CYBER THREAT REPORT
Arm Your Business with the Latest Threat
Intelligence from the First Half of 2019
9. 2019 GLOBAL CYBER ARMS RACE
SonicWall recorded more than 4.78
billion malware attacks for the first half
of 2019 — a 20% year-to-date
decrease.
Global malware volume dips to start
2019, but other attack types rebound.
4.78
Billion
5.99
Billion
20191H
20181H
10. CYBERATTACK TRENDS
As global malware
volume declines,
other attack types
increase during
the first half of 2019.
-20%
MALW ARE
ATTACKS
4.8 BILLION
15%
110.9 MILLION
RANSOMW ARE
ATTACKS
2.0 TRILLION
INTRUSION
ATTEMPTS
4%
76%
2.5 MILLION
ENCRYPTED
THREATS
11%
19.2 MILLION
W EB APP
ATTACKS
55%
13.5 MILLION
IOT
MALW ARE
11. In 2018, the average
SonicWall customer faced:
SonicWall Security Center: Did You Know?
WORLDWIDE ATTACKS
• ~25,000 malware attacks (+22% over 2017)
• 490 ransomware attacks (+11%)
• 19% of malware using non-standard ports (+9%)
• 9.3 million intrusion attempts (+38%)
• 1,276 encrypted threats (+27%)
• 105K web app attacks (+79%)
• 5,488 phishing attacks
• 392K new attack variants (1,074/day)
detected by Capture ATP
• 74K+ never-before-seen attack variants
identified by RTDMI™
Between January and September 2019,
the average SonicWall customer faced:
• 17,135 malware attacks (-15%)
• 361 ransomware attacks (-5%)
• 135 cryptojacking attacks (-1%)
• 14% of malware using non-standard ports (-13%)
• 7.1 million intrusion attempts (+3%)
• 1,702 encrypted threats (+74%)
• 112,898 web app attacks (+9%)
• 2,740 phishing attacks (-22%)
• ~292K new attack variants (1,061/day) detected by Capture ATP
(+1%)
• ~113K never-before-seen attack variants
identified by RTDMI™ (+222%)
12. Security Industry Advances Cybercriminal Advances
KEY FINDINGS FROM FIRST HALF OF 2019
Encrypted
Attacks
Intensifying
Bitcoin Value
Keeping
Cryptojacking
in Play
Global
Phishing
Trending Down
Malicious PDF
& Office Files
Briefly Dip
Non-Standard
Ports Still A
Concern
Memory
Threats
Identified Early
Machine
Learning A
‘Must Have’
Ransomware,
RaaS Rising
IoT Attacks
Escalating
Overall
Malware
Down
13. Security Industry Advances
UK, India
Harden
Against
Ransomware
Cybercriminal Advances
Rise of
Cryptojacking
Memory
Threats
Identified Early
KEY FINDINGS FROM FIRST HALF OF 2019
Encrypted
Attacks
Growing
Phishing
Down, More
Targeted
Malicious PDF
& Office Files
Non-Standard
Ports Ripe for
Exploitation
IoT Attacks
Escalating
Machine
Learning
Maturing
Ransomware
Up Globally
• UK ransomware
down 59%
• NHS attacks in
2017
• India also
down 49%
• First side channels
Meltdown and
Spectre – Jan 2018
• Latest was Spoiler,
Mar 2019
• RTDMI provides
day zero
protection against
future exploits
• Capture ATP
blocked over 390K
new variants in
2018
• RTDMI detected
74K never-before-
seen cyberattacks
in 2018
• 57.5 million
cryptojacking
detections in 2018
• Peaked in Sept
13.1 million
• Subsequent
decline tracks
price of Bitcoin
• 26 million phishing
attacks in 2018,
decline of 4.1%
• Average customer
faced 5,488
phishing attacks
• Phishing spiked
during Nov holiday
season
• Global
ransomware up
11% in 2018
• 206.4 million
attacks globally
• Average customer
attacked 25K times
in 2018
• 34% of threats
found by Capture
ATP in Q4’18 were
PDF/Office
• EXE and Flash are
on the decline
• Ports 80 and 443
are the standard
ports for web
• 19.2% of malware
used non-standard
ports in 2018
• This was up 8.7%
over 2017
• IoT attacks
increased 217%
in 2018 to 32.7
million
• Routers and IP
Cameras the
most commonly
targeted devices
• 31 billion IoT
devices forecast
by 2020
• In 2012, major
websites moved to
100% HTTPS
• In 2018, we saw a
27% increase in
attacks using HTTPS
• Nemucod was 39%
of the malware
using HTTPS
Security Industry Advances
Global Phishing
Trending Down
• 8.3 million phishing
attacks worldwide in 2019
• 19% dip year to date over
2018
• In 2018, SonicWall
recorded 26 million
phishing attacks
worldwide, a 4.1% drop
from 2017
Machine Learning
Now ‘Must-Have’
• Capture ATP discovered
and blocked 194,171 new
attack variants, a 45% year-
to-date increase over 2018
• RTDMI identified 74,360
‘never-before-seen’
malware variants
in 2019
Memory Threats
Identified Early
• First side-channel attacks,
Meltdown and Spectre, in
January 2018
• Latest was Spoiler
in March 2019
• RTDMITM provides zero-
day protection against
future exploits
Overall
Malware Down
• SonicWall recorded
4.78 billion* malware
attacks
• 20% drop compared
to the same time
period last year
• In 2018, SonicWall
logged record 10.52
billion malware attacks
globally
Malicious PDFs & Office
Files Briefly Dip
• 39% of threats found by
Capture ATP in Q1 2019
were PDF/Office
• Volume dropped to 21% in
Q2 2019
• In February and March
2019, 51% and 47% of
‘never-before-seen’
attacks, respectively, came
via PDFs or Office files
14. Security Industry Advances
UK, India
Harden
Against
Ransomware
Cybercriminal Advances
Rise of
Cryptojacking
Memory
Threats
Identified Early
Encrypted
Attacks
Growing
Phishing
Down, More
Targeted
Malicious PDF
& Office Files
Non-Standard
Ports Ripe for
Exploitation
IoT Attacks
Escalating
Machine
Learning
Maturing
Ransomware
Up Globally
• UK ransomware
down 59%
• NHS attacks in
2017
• India also
down 49%
• First side channels
Meltdown and
Spectre – Jan 2018
• Latest was Spoiler,
Mar 2019
• RTDMI provides
day zero
protection against
future exploits
• Capture ATP
blocked over 390K
new variants in
2018
• RTDMI detected
74K never-before-
seen cyberattacks
in 2018
• 57.5 million
cryptojacking
detections in 2018
• Peaked in Sept
13.1 million
• Subsequent
decline tracks
price of Bitcoin
• 26 million phishing
attacks in 2018,
decline of 4.1%
• Average customer
faced 5,488
phishing attacks
• Phishing spiked
during Nov holiday
season
• Global
ransomware up
11% in 2018
• 206.4 million
attacks globally
• Average customer
attacked 25K times
in 2018
• 34% of threats
found by Capture
ATP in Q4’18 were
PDF/Office
• EXE and Flash are
on the decline
• Ports 80 and 443
are the standard
ports for web
• 19.2% of malware
used non-standard
ports in 2018
• This was up 8.7%
over 2017
• IoT attacks
increased 217%
in 2018 to 32.7
million
• Routers and IP
Cameras the
most commonly
targeted devices
• 31 billion IoT
devices forecast
by 2020
• In 2012, major
websites moved to
100% HTTPS
• In 2018, we saw a
27% increase in
attacks using HTTPS
• Nemucod was 39%
of the malware
using HTTPS
Security Industry Advances
Phishing Down,
More Targeted
• 26 million phishing attacks
in 2018, decline of 4.1%
• Average customer faced
5,488 phishing attacks
• Phishing spiked during Nov
holiday season
Rise of Cryptojacking
• 57.5 million cryptojacking
detections in 2018
• Peaked in Sept 13.1 million
• Subsequent decline tracks
price of Bitcoin
Machine Learning
Maturing
• Capture ATP blocked over
390K new variants in 2018
• RTDMI detected 74K never-
before-seen cyberattacks in
2018
Memory Threats
Identified Early
• First side channels
Meltdown and Spectre –
Jan 2018
• Latest was Spoiler, Mar
2019
• RTDMI provides day zero
protection against future
exploits
UK, India Harden
Against Ransomware
• UK ransomware down
59%
• NHS attacks in 2017
• India also down 49%
Cybercriminal Advances
Ransomware,
RaaS Rising
• Global ransomware
up 15% YTD
• 110.9 million attacks
globally through
June 2019
• Average customer faced
263 ransomware attacks
through June 2019
Non-Standard Ports
Still Cause for
Concern
• Ports 80 and 443 are the
standard ports for web
• 13% of malware used
non-standard ports in
2019
• Volume spiked to 20%
in Q2 2019
IoT Attacks
Escalating
• IoT attacks up 55%
YTD in 2019
• IoT attacks increased 217%
in 2018 to 32.7 million
• Routers and IP cameras
most commonly targeted
devices; 31 billion IoT
devices forecast by 2020
Encrypted Threats
Intensifying
• In 2019, 76% increase
in attacks using HTTPS
YTD over 2018
KEY FINDINGS FROM FIRST HALF OF 2019
Bitcoin Value Keeping
Cryptojacking in Play
• Bitcoin surge helping
cryptojacking stay relevant
• Volume passed 52.7
million for the first six
months of the year
• 9% increase over the last
six months of 2018
17. 17
According to a Salesforce Research, 27% of European IT
organizations are currently experiencing or anticipate a
current short-term skill gap in Security Areas. Another
33% responded that they don't current have a skill gap,
but they anticipated one within two years.
18. MSP Security and cloud growth drivers
• Cloud growth was predicted and is
happening
• Providertrust is essential and specific for
Country physical data locations
• Security complexity asks for serviced model
18
Source: Grand View Research
19. Cybersecurity budgets
• Cybersecurity is at the top of every
corporate executive’s mind.
Companies have already started
increasing investments in data
privacy. Research has found that
cybersecurity budgets have increased
by 141 per cent from 2010 to 2018.
• As a result, global investments in
information security are expected to
total more than $124 billion in 2019.
19
20. Increased automation in Cyber Security
20
• Automation is a significant advantage in cyber security that has been
gaining a decent footing in the business. A recent Ponemon Institute
survey of more than 1,400 IT and IT security specialists demonstrates
that 79% of respondents either right now use (29%) automation tools
and platforms inside their company or plan to utilize them (50%) within
the next couple of years.
• This development towards the utilization of automation intends to
decrease the weight on understaffed cyber security teams and
increment effectiveness. Nonetheless, it is not an ideal solution all
alone on the grounds that automation tools require gifted and
knowledgeable staff to operate them.
21. AutomatedReal-TimeBreachDetectionand PreventionTechnology
DEEP LEARNING
ALGORITHM
Machine Learning
Artifact 1
Artifact 2
Artifact 3
Artifact 4
Data File
MS Office
PDF
Streaming Data
Classified Malware
RANSOMWARE
Locky
RANSOMWARE
WannaCry
TROJAN
Spartan
UNKNOWN
CLOUD CAPTURE SANDBOX
Hypervisor
GoodBad BLOCK
until
VERDICT
SENT
Emulation
Virtualization
BLOCK
Analyzed
7.2 billion malware attack attempts
from Jan. 19 to Sept. 19
Memory/RTDMI
Protecting PDFs, MS Office and
Chip-based Processor / Memory
Network
Security
Appliances
Wi-Fi
Cloud
& SaaS
Email
IoT
Endpoints
22. 5G and IoT
• 5G tech is so important because it will make the IoT a
reality.
• The ultra-fast 5G network will allow these devices to
transfer exponentially more information with
download speeds of up to 10Gbps
• The upcoming 5G rollout is one reason why experts
predict that more than 36 billion devices will be
connected to the internet by the end of 2020.
• Unfortunately, all of them will be exposed to security
threats. In fact, research has found that the “first wave
of IoT attacks” already began back in 2016.
• This makes the expanded IoT a nightmare for
cybersecurity experts, who must figure out how to
protect cell phones, security systems, vehicles, smart
homes, and more devices from being breached
22
23. Shadow IT
• By 2020, 33% of effective attacks
experienced by companies will be on
their shadow IT assets. Business units
manage the truth of the enterprise and
will draw in with any device that
causes them to carry out the
responsibility. Organizations should
figure out how to address shadow IT
and make a culture of
acknowledgment and protection
versus detection and punishment.
23
24. Cloud as a threat
• By 2020, 80% of new deals for cloud-
based access security brokers
(CASBs) will be bundled with a
network firewall, secure web gateway
(SWG) and web application firewall
(WAF) platforms. While concerns exist
about client migration to the cloud and
bundling buys, organizations should
evaluate the application deployment
guide and choose whether CASB
investment is justified.
24