these attacks were Windows-based malware
and 98% were aimed at India and Singapore.
Nearly half of all malware eludes
basic anti-virus (AV) solutions
WatchGuard UTM appliances block malware
using both legacy signature-based detection
techniques and a modern, proactive
behavioural detection solution – APT Blocker.
When APT Blocker catches a malware
variant, it means the legacy AV signatures
missed it. This zero-day malware (a term for
malware that is able to evade traditional
signature-based AV) accounted for 46%
of all malware in Q1. This level of zero-day
malware suggests that criminals are
continuing to use obfuscation techniques to
beat traditional AV services, emphasising the
importance of behaviour-based defences.
“ONE WAY EVERY ORGANISATION CAN BECOME
MORE SECURE AGAINST THESE
SOPHISTICATED, EVASIVE THREATS IS
TO DEPLOY DEFENCES ENABLED WITH
ADVANCED MALWARE PREVENTION
LIKE OUR APT BLOCKER SERVICE.”
Mimikatz targets the US, skips Asia Pacific

The Mimikatz Windows credential-stealing malware reappeared on WatchGuard’s top 10 malware list after several quarters of absence. Two thirds of the detection of this malware was in the United States and less than 0.1% of detections were in APAC, possibly due to the complexity of double-byte characters in countries like Japan that use a symbol-based language for passwords.

The complete Internet Security Report features a detailed breakdown of the record-breaking GitHub 1.35 Tbps DDoS attack, as well as analysis of the quarter’s top malware and network attacks and key defence tactics for SMBs.

This quarter’s conclusions are based on
anonymised Firebox Feed data from nearly
40,000 active WatchGuard UTM appliances
worldwide, which blocked more than 23
million malware variants (628 per device)
and more than 10 million network attacks
(278 per device) in Q1 2018.
www.intelligentcio.com