"74% of Q1 Malware Was Undetectable Via Signature-Based Tools"

WatchGuard Technologies analyzed threat data collected from customer networks during the first quarter of 2021. The analysis revealed that 74 percent of threats detected were zero-day malware, which was able to evade signature-based threat detection tools and breach enterprise systems. According to the security vendor, the number of zero-day malware detections in the first quarter was the highest that WatchGuard has ever seen in a single quarter. This finding is a call for enterprises and organizations of all sizes to take proactive malware detection more seriously.

Attackers continue to get better at repackaging old malware so that its binary profile does not match the fingerprints previously used to detect it. Tools that make it easy for attackers to digitally alter the same malware in order to bypass signature-based systems are now more readily available.

WatchGuard's analysis also found that network attack volumes reached a three-year high in the first quarter of this year, with over 4.2 million hits on its intrusion prevention systems at customer sites. The company's Firebox appliances blocked an average of 113 attacks per appliance, a 47 percent increase over the previous quarter. WatchGuard observed a decline in malware using encrypted communications during the first quarter. The vendor says malware sent over encrypted communication declined below 44 percent last quarter, which is a 10 percent decrease from the third quarter of 2020 and a 3 percent drop from the fourth quarter of 2020.

The findings for the first quarter of 2021 emphasize the need for organizations to implement more advanced protections than signature- and pattern-based tools. Organizations need controls for blocking threats prior to execution and for detecting and responding to them after execution. This article continues to discuss WatchGuard's findings regarding the rise in zero-day malware and network attack volumes.

Dark Reading reports "74% of Q1 Malware Was Undetectable Via Signature-Based Tools"

 

Submitted by Anonymous on