SonicWall Charts COVID-19’s Impact on Security Landscape

Let’s begin with some good news: malware volumes actually declined in the first half of 2020 by some 32% versus the same period last year. Before you begin celebrating, however, consider these important caveats:

• One reason for the drop in malware detections is because attacks formerly directed at offices are increasingly targeting remote workers at their firewall-free homes, where they’re harder to see. “The malware is not coming into the traditional enterprises. It’s coming into new places,” said SonicWall President and CEO Bill Conner yesterday during a virtual media gathering.
• As we’ll see shortly, another reason malware has declined this year is because attackers are switching to ransomware instead.

Meanwhile, though malware volumes may be down so far this year, malware variants are up. In fact, SonicWall identified 315,395 new malware variants in the first six months of 2020, a 62% year-over-year spike.

Worse yet, the latest malware is harder to find too. In fact, many of the new malware strains introduced this year slipped past SonicWall’s Capture Advanced Threat Protection (ATP) sandbox technology and would have evaded detection altogether if not for another Capture ATP feature called Real-Time Deep Memory Inspection (RTDMI). Introduced in 2018, that system uses CPU instruction tracking and machine learning to spot encrypted attacks designed to lie dormant when detonated in a sandbox. RTDMI found 120,910 of this year’s previously unsees malware variants.