IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Evasive malware threats doubled in 2019

Sophisticated methods of attack that dodge detection are becoming commonplace

The proportion of 'evasive' malware threats that sneak past signature-based detection systems surged towards the end of last year, almost doubling against figures from last year.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Evasive malware threats comprised 68% in the fourth quarter of 2019, versus an average of 35% in 2019, according to a report by WatchGuard. The surge in these threats, as well as zero-day malware, are largely missed by traditional antivirus engines and show that sophisticated methods of attack are becoming more commonplace among hackers.

SQL injection, meanwhile, rose an enormous 8000% in the last quarter of 2019 against 2018, and was the most common form of network attack by some distance.

“Our findings from Q4 2019 show that threat actors are always evolving their attack methods,” said WatchGuard CTO Corey Nachreiner. 

“With over two-thirds of malware in the wild obfuscated to sneak past signature-based defenses, and innovations like Mac adware on the rise, businesses of all sizes need to invest in multiple layers of security. 

“Advanced AI or behavioural-based anti-malware technology and robust phishing protection like DNS filtering will be especially crucial.”

Chiming with the findings of a Malwarebytes report last month, Mac malware has also experienced a surge in the last few months. WatchGuard researchers found Mac adware returned to its top ten threats list, while a former study revealed that Mac malware detections overtook Windows for the first time.

Elsewhere, the study found that among the most common threats is a legacy Microsoft Excel flaw from 2017, assigned CVE-2017-11882, still being exploited by cyber cirminals. This ‘doppler’ exploit is heavily targeted at users in the UK, among other nations, and involves downloading several types of malware onto victims’ systems.

WatchGuard recommended that users ramp up the sophistication of their cyber security defences in light of the surge in evasive malware threats. This advice includes implementing a layered defence, instead of simply installing endpoint antivirus on workstations. 

Such an approach of multiple types of anti-malware from the perimeter through to the endpoint, including at least one implementation of behavioural detection instead of just signature-detection, will seriously enhance protections against emerging threats.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

RATDispenser evades nine in ten anti-virus engines
Security

RATDispenser evades nine in ten anti-virus engines

24 Nov 2021
Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
malware

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer

19 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
Millions of routers and NAS devices vulnerable to BotenaGo malware
malware

Millions of routers and NAS devices vulnerable to BotenaGo malware

12 Nov 2021

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022