International. The latest report from WatchGuard's Threat Lab, which analyzed the behavior of cyberattacks in the fourth quarter of 2021, indicates that attacks on the network are at their highest point in the last three years. It also highlights the rise of evasive malware and zero-day threats, which reached an all-time high.
The report details that Europe, the Middle East and Africa quadrupled their detections of network attacks, while in the rest of the globe malware almost doubled. In addition, 66.7% of malware continues to arrive through encrypted connections and advanced threats increased by 33%, which translates into the highest historical level of zero-day threats recorded by this study. While network detections continued on an upward trajectory, the Americas received the most attacks.
Corey Nachreiner, Chief Security Officer at WatchGuard, commented, "With the highest level of zero-day threats we've ever recorded and an attack surface that extends far beyond the network perimeter to IoT, home networks, and mobile devices, enterprises must embrace a true unified security approach that can adapt quickly and efficiently to the growing threat landscape. Organizations must commit to implementing simple, but critically important measures, such as updating and patching systems on a regular basis so they don't allow hackers." He added that the current transition to hybrid work leads to an increase in attack surfaces, creating more potential security holes in organizations.
Other relevant points of the security report
Network intrusion detections reached their highest point in the last three years. The report suggests that this may be due to organizational growth with untreated weaknesses, where new devices are connected and old vulnerabilities remain unpatched, which makes securing the network complex.
Overall, 67% of malware detections came through an encrypted connection, and within those detections, 78% were evasive zero-day malware threats. According to the document, these threats could often be stopped at the perimeter by setting up firewalls to decrypt and scan incoming traffic.
The report also notes a significant incidence of malware targeting Office documents. CVE-2018-0802 ranks fifth in the list of the top 10 malicious programs and is also included in the list of most widespread malicious programs. Researchers point out that it may have replaced CVE-2017-11882 as the main Office exploit.
In addition, two new domains were added to the list of top malware domains detected by WatchGuard. Of these, Skyprobar[.]info stands out. It was linked to Emotet, a banking Trojan that had been curtailed by US law enforcement and resurfaced just at the end of 2021.

