Ransomware attacks decline but other targets on the rise

SonicWall's 2019 Threat Report indicates there have been some successes but problems persist elsewhere, which is echoed by findings from CyberArk

The need to step up defences against ransomware is a message that seems to have been received and understood by British businesses.

The latest SonicWall 2019 Threat Report has indicated that the UK has seen a 59% decrease in ransomware, but still suffered more than four million attacks last year.

The form of attack might have dropped because of increased awareness, after the UK suffered the high profile WannaCry problems, and also because the channel is doing more to ensure it is not in the firing line dealing with customers that have been victims.

Although the ransomware drop was a positive there were plenty of other stats thrown up by the SonicWall report that indicated that the attackers continue to widen their attack targets.

SonicWall blocked 52bn malware attacks last year, the highest it has so far recorded, and the firm saw a 5% increase in IoT targeted issues and a 56% increase in web app problems.

“Cyber perpetrators are not letting up in their relentless pursuit to illegally obtain data, valuable information and intellectual property,” said Bill Conner, President and CEO, SonicWall.

“We must be unyielding in this cyber arms race. Sharing vital threat information with our customers and partners provides them a tactical advantage. But it’s also important to arm those at the forefront of this battle with this intelligence, promote global awareness of the threat landscape and continue to facilitate important dialogue around today’s most prevalent cyber threats," he added.

Research from CyberArk added more insight into the threats being faced by UK firms with the security player highlighting failures by customers to secure business critical applications as a major cause of disruption and data loss.

The vendor found that the vast majority of customers are looking to move more apps into the cloud but there was a current disconnect between where security strategies were being focused and what was of real value to the business.

“From banking systems and R&D to customer service and supply chain, all businesses in all verticals run on critical applications. Accessing and disrupting these applications is a primary target for attackers due to their day-to-day operational importance and the wealth of information that resides in them – whether they are on-premises or in the cloud,” said David Higgins, EMEA technical director at CyberArk.

“CISOs must take a prioritised, risk-based approach that applies the most rigorous protection to these applications, securing in particular privileged access to them and assuring that, regardless of what attacks penetrate the perimeter, they continue to run uncompromised,” he added.

Read more on Data Protection Services