Evasive malware threats doubled in 2019

Sophisticated methods of attack that dodge detection are becoming commonplace

The proportion of 'evasive' malware threats that sneak past signature-based detection systems surged towards the end of last year, almost doubling against figures from last year.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Evasive malware threats comprised 68% in the fourth quarter of 2019, versus an average of 35% in 2019, according to a report by WatchGuard. The surge in these threats, as well as zero-day malware, are largely missed by traditional antivirus engines and show that sophisticated methods of attack are becoming more commonplace among hackers.

Advertisement - Article continues below

SQL injection, meanwhile, rose an enormous 8000% in the last quarter of 2019 against 2018, and was the most common form of network attack by some distance.

“Our findings from Q4 2019 show that threat actors are always evolving their attack methods,” said WatchGuard CTO Corey Nachreiner. 

“With over two-thirds of malware in the wild obfuscated to sneak past signature-based defenses, and innovations like Mac adware on the rise, businesses of all sizes need to invest in multiple layers of security. 

“Advanced AI or behavioural-based anti-malware technology and robust phishing protection like DNS filtering will be especially crucial.”

Chiming with the findings of a Malwarebytes report last month, Mac malware has also experienced a surge in the last few months. WatchGuard researchers found Mac adware returned to its top ten threats list, while a former study revealed that Mac malware detections overtook Windows for the first time.

Advertisement
Advertisement - Article continues below

Elsewhere, the study found that among the most common threats is a legacy Microsoft Excel flaw from 2017, assigned CVE-2017-11882, still being exploited by cyber cirminals. This ‘doppler’ exploit is heavily targeted at users in the UK, among other nations, and involves downloading several types of malware onto victims’ systems.

Advertisement - Article continues below

WatchGuard recommended that users ramp up the sophistication of their cyber security defences in light of the surge in evasive malware threats. This advice includes implementing a layered defence, instead of simply installing endpoint antivirus on workstations. 

Such an approach of multiple types of anti-malware from the perimeter through to the endpoint, including at least one implementation of behavioural detection instead of just signature-detection, will seriously enhance protections against emerging threats.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

2 Mar 2020
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019

Most Popular

Visit/security/ransomware/355891/nasa-it-contractor-ransomware-hack
ransomware

Ransomware collective claims to have hacked NASA IT contractor

3 Jun 2020
Visit/mobile/5g/355911/the-uk-pivots-to-japan-for-5g-equipment
5G

The UK looks to Japan and South Korea for 5G equipment

4 Jun 2020
Visit/data-insights/data-science/355678/how-data-science-is-transforming-business
Sponsored

How data science is transforming business

29 May 2020