A recent analysis of SonicWall’s “2024 Mid-Year Cyber Threat Report” paints a concerning picture of the current cybersecurity environment, with significant increases in attack frequency, malware variants and potential financial impacts for businesses.
Shelly Kramer, managing director and principal analyst at SecurityANGLE, discussed the report’s findings with Douglas McKee, executive director of threat research at SonicWall, on a recent episode of our security-focused podcast, the SecurityANGLE, highlighting several key areas of concern.
Watch the full episode here:
Cyber Threat Report: An unrelenting onslaught challenges businesses
One of the most striking revelations is the sheer volume and frequency of cyberattacks.
According to Kramer, “The report indicates that SonicWall sensors detected attack activity for 125% of a standard 40-hour work week. That means there are essentially 50 hours of critical attacks happening in the space of 40 working hours. No wonder CISOs don’t sleep well, if at all.”
The report introduces a new metric tying attacks to tangible business impact. McKee explained the approach: “We’re measuring attacks, equating for time and frequency. It’s like measuring rain — would you count the raindrops or talk about the amount of rainfall over a given period of time?”
Tackling the financial risk to business using this metric reveals that at least 12.6% of all corporate revenues are exposed to cyber threats without proper protection. For a $10 million company, this equates to a potential risk of $1.2 million from a cyberattack. Extrapolate that out to a full year, and that potential risk number rises to $30 million.
Malware continues to be a primary tool for cyber criminals, with the report indicating a 30% spike in malware volume over the first five months of 2024. McKee noted, “We’ve seen 536 new variants of malware on average a day.”
Ransomware attacks are also on the rise, with threat actors employing geographically tailored strategies. McKee shared, “In North America, we saw about a 15% increase … and we saw a 51% increase in Latin America.”
This is likely due to threat actors recognizing opportunities in certain markets that are less advanced from a cybersecurity standpoint and shifting their targeted attacks in that direction.
The internet of things remains a particularly vulnerable target, with attacks surging by 107% in just five months. “Three of the top five most widespread attacks affecting the most of our customers and partners are IoT devices,” McKee revealed.
Encrypted threats have seen a significant jump of 92%, indicating increased sophistication among threat actors. McKee explained, “Encryption is well known to help in the evasion of security vendors’ tools or defensive technology.”
Unprecedented malware surge: 78,000 new strains detected in early 2024
The report also highlighted the emergence of “never before seen” malware variants, with 78,000 new strains identified in the first five months of 2024 alone. This translates to an average of 526 new strains daily, potentially aided by AI technology.
Kramer emphasized the rapidly evolving nature of the cybersecurity landscape: “All of the advancements in the tech sector that we’ve seen over the course of the last five and 10 years, everything has sped up. As a result, it’s not surprising that we’ve seen this threat landscape speed up and challenges come winging at us faster than ever before.”
When asked about advice for organizations facing these evolving threats, McKee stressed the importance of collaboration: “Don’t try to do it alone … leveraging a partner or a SOC to do 24/7 monitoring is really key in making sure that you’re protected around the clock, 365.”
He also emphasized the importance of staying informed: “Make sure you’re reading the threat reports from other companies that are focusing on different verticals. Make sure you understand what’s specific to your industry. Data empowers decisions.”
As cyber threats continue to evolve and intensify, it’s clear that organizations must remain vigilant, informed and proactive in their approach to cybersecurity. The insights provided by SonicWall’s report offer a valuable resource for businesses seeking to protect themselves in an increasingly dangerous digital landscape.
Download the SonicWall 2024 Mid-Year Cyber Threat Report here.