Malware is becoming increasingly difficult for security software to spot

Malware is becoming increasingly difficult for security software to spot, as new variants come with ever more sophisticated evasion capabilities. This is according to a report from WatchGuard Technologies, which claims that the number of evasive malware detections has risen to record levels.

The paper states that almost four in five (78%) of all malware delivered via encrypted connections is evasive. Overall, more than two-thirds (67%) of malware detections came over encrypted connections and, among this group, 78% were evasive zero-day threats capable of bypassing basic protections.

An unfortunate pattern is beginning to emerge, as the quantity of evasive malware has been steadily growing from quarter to quarter. WatchGuard Technologies says threats such as these can often be stopped at the perimeter with the help of firewalls that decrypt and scan incoming traffic. 

Attacking the same old flaws

Unfortunately, the report further states, many organizations are failing to put sufficient protections in place.

And worse, the total number of detected network attacks is on the rise. An analysis of the past three years shows that Q1 2022 saw the most detections, with a 39% increase quarter-on-quarter.

One of the reasons, the researchers claim, is the fact that many threat actors try to abuse known vulnerabilities. Another is the growth of business networks, which means more vulnerable endpoints.

Advanced threats rose by a third (33%), suggesting a higher level of zero-day threats than ever before.

For Corey Nachreiner, CSO at WatchGuard, remote working is causing businesses a lot of trouble, and the only way to solve the security conundrum is to adopt a unified security approach.

“With the highest level of zero-day threats we’ve ever recorded and an attack surface that extends well beyond the network perimeter to IoT, home networks and mobile devices, companies need to adopt a true unified security approach that can adapt quickly and efficiently to the growing threat landscape,” he said.

“Organizations should make a commitment to implementing simple but critically important measures like updating and patching systems on a regular basis so they’re not enabling hackers.”
