Orange Cyberdefense, Europe’s largest managed security services provider, has announced the findings of its inaugural Security Navigator, which reveals a huge 23% decline in the number of recorded malware incidents in 2019, a year which also saw an increase in the total number of security events.
Security Navigator 2020 combines the unique perspective of Orange, as one of the world’s largest telecommunications operators, and Orange Cyberdefense, one of Europe’s leading security companies which, last year, analysed 263,109 events from data obtained from its 10 CyberSOCs and 16 SOCs. Out of these events, Orange Cyberdefense identified 11.17% as verified security incidents. This represents a 34.4% increase over the previous year’s rate of 8.31%. This is significant considering the total number of events grew by less than 3%.
One of the Security Navigator’s key findings was a considerable decline in malware incidents. Of the events analysed, only 22% of incidents could be classified as malware-related in 2019, compared to 45% in the previous year. During the same period, application anomalies increased from 36% to 46% to claim the top spot as the most common incident cause in 2019.
“The findings don’t mean that malware is no longer a significant threat; far from it,” said Charl van der Walt, Head of Security Research at Orange Cyberdefense. “What it does suggest is that endpoint-centred prevention can significantly reduce the risk to businesses. What we see here is very likely the immediate result of investment in next-gen endpoint protection. While elaborate malware and APTs used in targeted attacks still do pose a serious threat, the skill level of the common cybercriminal simply does not match up-to-date endpoint protection anymore. And that is good news.”
The Security Navigator also revealed that malware-related incidents drop off during peak holiday periods in April, mid-July and early December, which indicates that cybercriminals are continuing to adopt a more professional nine-to-five-mentality.
“As odd as it seems, hackers do now appear to be taking regular holidays,” said van der Walt. “This may explain the drop in April, when attacks slowed due to an early Easter holiday, as well as summer holidays and Christmas at the end of the year.”
Additional findings from the Security Navigator include:
- Crypto crime on the decline: Despite the value of Monero, Ethereum, Litecoin and Bitcoin reaching a new peak in early summer 2019, Orange Cyberdefense observed no effect on the frequency of crytomnining attacks, which indicates that cryptomining as a threat is in decline. Previously, we’ve witnessed mining directly follow the trade value of cryptocurrencies.
- Business critical attacks on the rise: While still very low, the number of attacks deemed business critical, doubled to 0.11% in 2019, a rate that is comparable to 2017. It is a stark reminder of the risk posed by poor security posture.
- COVID-19 and cybersecurity: Cyberthreat actors have tried to capitalise on the global health crisis. On March 24, 2020, alone, one Orange Cyberdefense CERT team tracked 23 unique COVID-19-based phishing mails over a 24-hour period. In addition, during the same week, customers reported more than 600 potentially fraudulent emails, 10% of which has proven to be malicious – four times higher than in the previous week.