Ransomware Up 627% in Latest Internet Security Report

Despite an observed decrease at the network level of detected malware last quarter, ransomware at the endpoint level surged 627%, according to the latest Internet Security Report from data security provider WatchGuard. What's the explanation?

According to WatchGuard, some 93% of malware is hiding behind encryption, and about 80% of the company's customers have not enabled https decryption in their firewalls, so the malware is going largely undetected until it reaches endpoints, where detections increased 22% overall.

"We continue to warn that most malware hides in the SSL/TLS encryption used by secured websites. Q4 continues that trend with a rise from 82% to 93%. If you don’t inspect this traffic, you are missing most malware — at least with your network security controls (endpoint security does still have a chance to catch it)."

The Internet Security Report is based on anonymized data collected from WatchGuard's Firebox appliances around the world. According to Watchguard: "Customer Fireboxes send a flurry of malware detections to our threat intelligence database, keeping us apprised of the latest trends. Network administrators who manage these Fireboxes have graciously allowed their devices to provide these anonymized detection reports to us. We analyze their details to understand what the malware landscape looked like last quarter and to investigate any trends or irregularities. With the data from this report, and previous ones, we can sometimes forecast what future malware trends might look like. We also make some conclusions and offer takeaways on defending against the current and future malware landscape."

The report also noted that overall network attacks were flat in the fourth quarter of 2022 compared with the previous quarter.

Among the other findings and recommendations:

  • Network-level detections of malware were down 9.2% for the quarter, despite endpoint detections being up. Recommendation: Inspect SSL/TLS traffic from secure websites before it reaches the endpoint.

  • Phishing attacks have increased. "Phishing and business email compromise (BEC) remains one of the top attack vectors, so make sure you have both the right preventative defenses and security awareness training programs to defend against it."

  • Lockbit continues to be a leading malware group for ransomware. "We continue to see Lockbit variants often, and they are definitely the group that seems to have the most success breaching companies (through their affiliates) with ransomware."

  • ProxyLogin exploits are growing. According to the report: "An exploit for this well-known, critical Exchange issue rose from eighth place in Q3 to fourth place last quarter. It should be long patched, but if not, you should know attackers are targeting it."

The complete report is freely available on WatchGuard's site. It includes an executive summary and further details and analysis of findings from the quarter.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • AI-powered individual working calmly on one side and a burnt-out person slumped over a laptop on the other

    AI's Productivity Gains Come at a Cost

    A recent academic study found that as companies adopt AI tools, they're not just streamlining workflows — they're piling on new demands. Researchers determined that "AI technostress" is driving burnout and disrupting personal lives, even as organizations hail productivity gains.

  • shield with an AI microchip emblem hovering above stacks of gold coins

    Report: AI Security Spend Surges While Traditional Security Budgets Shrink

    A new report from global cybersecurity company Thales reveals that while enterprises are pouring resources into AI-specific protections, only 8% are encrypting the majority of their sensitive cloud data — leaving critical assets exposed even as AI-driven threats escalate and traditional security budgets shrink.

  • brass balance scale with a black rotary telephone on one side and a stack of gold coins on the other

    Supreme Court Upholds Universal Service Fund

    In a 6-3 decision, the United States Supreme Court has upheld the constitutionality of the Universal Service Fund, the primary funding source behind the E-Rate program.

  • open laptop displaying an AI head graphic, with glowing icons of a padlock, graduation cap and paper, and a secure database floating beside it

    Survey: AI Optimism Is Rising, but Cheating and Privacy Concerns Persist

    Artificial intelligence is evolving rapidly — both in how it's used and how it's perceived in K-12 education. As a result, schools and districts are under increasing pressure to adapt and respond to the changes AI is driving.