WatchGuard Technologies’ latest quarterly Internet Security Report shows a massive 62% increase in overall malware detections in Q1 2019 compared to the previous quarter.
The report also found that cyber criminals are leveraging a wide array of varied attack techniques, including malicious Microsoft Office documents, Mac malware and web application exploits.
These results illustrate that hackers are doubling down on well-known tactics like credential theft and ransomware by utilising fake Office documents and other attack vectors that require advanced defences to combat a wider variety of threat vectors.
More than 17% of WatchGuard Fireboxes blocked malicious Office documents, with two threats in this category making it into WatchGuard’s most widespread malware list, and one in the top 10 malware attacks by volume.
Over half of these malicious documents were blocked in EMEA. The advice to users is to avoid interacting with unsolicited Office documents and consider any attachments that seek to enable macros as a threat.
“The key findings from this latest report illustrate the importance of layered security protections in today’s advanced threat landscape,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies.
“Whether it be DNS-level filtering to block connections to malicious websites and phishing attempts, intrusion prevention services to ward off web application attacks, or multi-factor authentication to prevent attacks leveraging compromised credentials – it’s clear that modern cyber criminals are leveraging a bevy of diverse attack methods. The best way for organisations to protect themselves is with a unified security platform that offers a comprehensive range of security services.”
Mac OS malware is also on the rise, according to the report. Mac malware first appeared on WatchGuard’s top 10 malware list in Q3 2018, and now two variants have become prevalent enough to make the list in Q1 2019. This increase in Mac-based malware further debunks the myth that Macs are immune to viruses and malware and reinforces the importance of advanced threat protection for all devices and systems.
Web application exploits are also soaring. Despite a decrease in the overall volume of network attacks, web application attacks grew significantly. WatchGuard’s IPS service caught attackers exploiting many cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities – both popular methods for credential theft. Two SQLi attacks made it onto WatchGuard’s top 10 network attacks list, while one web XSS attack accounted for more than 10% of network attacks on the top 10 list overall.
The complete report explores the most impactful malware and attack trends from Q1 2019 and can be downloaded here.
Read the latest edition of PCR’s monthly magazine below: