SonicWall Annual Threat Report: 5 crucial revelations

Retail breaches have led companies to adopt more proactive security measures

SonicWall, the trusted security partner protecting more than a million business networks globally, has announced the findings from its Annual Threat Report, which highlight the most notable advancements made by security professionals and cyber criminals in 2016.

Here are the five most important revelations from the report:

Security industry advances

High-profile retail breaches in 2014 led to companies adopting more proactive security measures. Since then, the industry has seen the implementation of chip-based POS (point of sale) systems, usage of the Payment Card Industry Data Security Standard (PCI DSS) checklist and other ongoing security measures.

Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted traffic grew by 38 percent last year, partly in response to growing cloud application adoption.

Dominant exploit kits disappeared in mid-2016

As 2016 began, the malware market was dominated by a handful of exploit kits, particularly Angler, Nuclear and Neutrino.

Following the arrest of more than 50 Russian hackers for leveraging the Lurk Trojan to commit bank fraud, the SonicWall GRID Threat Network saw the Angler exploit kit suddenly stop appearing, leading many to believe Angler’s creators were among those arrested.

Cyber criminal advances

The SonicWall GRID Threat Network detected a whopping increase in ransomware attacks: from 3.8 million in 2015 to an astounding 638 million in 2016. The rise of ransomware-as-a-service (RaaS) made ransomware significantly easier to obtain and deploy.

The unprecedented growth of the malware was likely also driven by easier access in the underground market, the low cost of conducting a ransomware attack, the ease of distributing it and the low risk of being caught or punished.

IoT devices compromised on massive scale

Poorly designed security features opened the door for distributed denial-of-service attacks in 2016. With their integration into the core components of our businesses and lives, IoT devices provided an enticing attack vector for cyber criminals. Gaps in IoT security enabled cyber thieves to launch the largest distributed denial-of-service (DDoS) attacks in history, leveraging hundreds of thousands of IoT devices with weak telnet passwords through the Mirai botnet management framework.

Android devices saw increased security protections

Despite seeing increased security protections, Android devices remained vulnerable to overlay attacks. Google worked hard in 2016 to patch the vulnerabilities and exploits that cyber criminals have used against Android in the past, but attackers used novel techniques to beat these security improvements.