Malware Incidents Fall Amid Overall Rise in Security Events Last Year

Malware incidents fell by 23% in 2019 despite an overall increase in security events, according to Orange Cyberdefense in its inaugural Security Navigator report. The findings suggest that businesses have increased investment in technologies that protect them from these kinds of threats, leading cyber-criminals to shift to other types of attack.

Of the security events the cybersecurity company analyzed last year, only 22% were classified as malware-related, compared with 45% in the previous year.

Despite this, out of 263,109 events Orange Cyberdefense uncovered in 2019 from data obtained from its 10 CyberSOCs and 16 SOCs, 11.17% were identified as verified security incidents, representing a 34.4% rise compared to 2018. This is particularly significant considering the total number of events increased by only 3%. The most common incident cause last year was application anomalies, which grew from 36% to 46%.

“The findings don’t mean that malware is no longer a significant threat; far from it,” said Charl van der Walt, head of security research at Orange Cyberdefense. “What it does suggest is that endpoint-centered prevention can significantly reduce the risk to businesses. What we see here is very likely the immediate result of investment in next-gen endpoint protection. While elaborate malware and APTs used in targeted attacks still do pose a serious threat, the skill level of the common cyber-criminal simply does not match up-to-date endpoint protection anymore. That is good news.”

Malware-related incidents were observed to drop off during peak holiday periods in April, mid-July and early December, indicating that cyber-criminals take breaks in these periods in line with businesses.

The report also revealed there was no change in the frequency of cryptomining attacks despite the value of Monero, Ethereum, Litecoin and Bitcoin reaching a new peak in early summer 2019, suggesting this type of threat is in decline. Worryingly, however, the number of attacks deemed business-critical doubled to 0.11% in 2019.
