Malware is becoming increasingly difficult for security software to spot, as new variants come with increasingly sophisticated evasion capabilities. This is according to a report from WatchGuard Technologies, which claims that the number of evasive malware detections has risen to record levels.
The paper states that almost four in five (78%) of all malware delivered via encrypted connections is evasive. Overall, more than two-thirds (67%) of malware detections came over encrypted connections and, among this group, 78% were evasive zero-day threats capable of bypassing basic protections.
An unfortunate pattern is beginning to emerge, as the quantity of evasive malware has been steadily growing from quarter to quarter. WatchGuard Technologies says threats such as these can often be stopped at the perimeter with the help of firewalls that decrypt and scan incoming traffic.
Attacking the same old flaws
Unfortunately, the report further states, many organizations are failing to put sufficient protections in place.
And worse, the total number of detected network attacks is on the rise. An analysis of the past three years shows that Q1 2022 saw the most detections, with a 39% increase quarter-on-quarter.
One of the reasons, the researchers claim, is the fact that many threat actors try to abuse known vulnerabilities. Another is the growth of business networks, which means more vulnerable endpoints.
Advanced threats rose by a third (33%) suggesting a higher level of zero-day threats than ever before.
For Corey Nachreiner, CSO at WatchGuard, remote working is causing businesses a lot of trouble, and the only way to solve the security conundrum is to adopt a unified security approach.
“With the highest level of zero-day threats we’ve ever recorded and an attack surface that extends well beyond the network perimeter to IoT, home networks and mobile devices, companies need to adopt a true unified security approach that can adapt quickly and efficiently to the growing threat landscape,” he said.
“Organizations should make a commitment to implementing simple but critically important measures like updating and patching systems on a regular basis so they’re not enabling hackers.”
