What is Dell’s Annual Threat Report?

Dell recently released its Annual Threat Report, which collected data throughout 2015 using the company’s SonicWALL Global Response Intelligence Defense network. The network provides daily feeds from more than one million firewalls and tens of millions of connected endpoints, Dell SonicWALL traffic and other industry sources.

The results paint a troubling picture: cyber-attackers continue to find success in their exploits, are increasing the number of malware attacks and are focusing their sights on smartphones.

What did Dell Find?

Based on Dell’s findings:

  • Malware attacks are seeing a marked increase, with Android being a prime target;
  • Exploit kits have evolved at a rapid pace; and
  • SSL/TLS encryption is allowing cybercriminals to conceal their exploits from companies’ firewalls.

“Many of the breaches in 2015 were successful because cybercriminals found and exploited a weak link in victims’ security programs due to disconnected or outdated point solutions that could not catch these anomalies in their ecosystem,” notes Curtis Hutcheson, general manager of Dell Security.

Malware Attacks Rapidly Increasing

Perhaps the most disturbing number to come out of Dell’s report is the fact that malware attacks have nearly doubled in 2015 to reach up to 8.19 billion.

“The threat vectors for malware distribution are almost unlimited, ranging from classic tactics like email spam to newer technologies including wearable cameras, electric cars, and Internet of Things (IoT) devices,” says Patrick Sweeney, vice president of product management and marketing at Dell Security.

Notable malware monitored in 2015 included Dyre Wolf, Parite, TongJi and Virut. In addition, 2015 saw the resurgence of Conficker, which targets the Microsoft Windows operating system.

Smartphones Under Attack

What 2015 also showed is that cyber-attackers are increasingly targeting smartphones, specifically the Android ecosystem, “which accounts for a majority of all smartphones globally,” Dell says.

On the Android front, Dell identified several trends:

  • Android-specific ransomware accelerated in 2015
  • A new Android malware stored its contents on a Unix library file, rather than the classes.dex file that are typically scanned by security systems
  • Attackers are targeting the financial sector with numerous threats that target banking apps on devices that have been compromised

Exploit Kits on the Rise

Dell noted an increase in the use of exploit kits, with the most active kits including Angler, Nuclear, Magnitude and Rig.

Exploit kits are malicious toolkits used to exploit security holes found in software applications for the purpose of spreading malware, according to anti-malware firm Malwarebytes.

The Annual Threat Report shows that cybercriminals used several tactics to hide these exploit kits from security systems, including anti-forensic mechanisms; URL pattern changes; steganography which is concealing the file, message, image, or video within another file, message, image, or video; and modifications in landing page entrapment techniques.

What Can I Do?

Cybersecurity Tips for 2016

With a firm understanding on the key risks identified in 2015, organizations can begin taking steps to beef up their cybersecurity efforts.

“Each successful attack provides an opportunity for security professionals to learn from others’ oversights, examine their own strategies and shore up the holes in their defense systems,” Dell’s Hutcheson says.

Organizations should begin to:

  • Inspect every packet on their network and validate every entitlement for access
  • Follow security best practices by keeping up with updates and patches to their software and systems, which is helpful in defeating exploit kits
  • Train employees and customers on best practices around Android, by only installing applications from trusted app stores such as Google Play and avoiding rooting their phones

For more information on the Dell SonicWALL Global Response Intelligence Defense network, or to test a Dell SonicWALL device through a complementary, risk-free network assessment, contact one of our top security experts today.