As the enterprise security brand of Quick Heal Technologies Ltd., Seqrite develops security management products across endpoints, mobile devices, servers and networks. Building upon our data on threat research, intelligence and cybersecurity, our recently released Annual Threat Report 2020 aims to provide a detailed understanding of malware in 2019.
While the full report can be found on this link, here is a brief summary of the most significant findings from the report:
Malware infection continues to be a threat
Seqrite detected over 146 million malware in 2019, a massive number. The highest detection of malware happened in Q4 2019, which saw 46 million malware detected. In terms of hourly malware detection highlights for 2019, 16,732 cases were the maximum seen.
Trojan continues to be a danger
In terms of category-wise malware detection statistics, Trojan malware remained popular with just above 25 million detections in 2019. It remained a threat throughout the year, seeing a major upsurge in the last quarter.
Q4 sees a spike in malware
From the data, it is quite evident that malware sees a pronounced spike towards the end of the year. Seqrite detected 46 million malware in Q4, compared to a little above 35 million in Q3, 30 million in Q2 and 25 million in Q1. November and December 2019 also saw the largest number of malware attacks with over 18 million detected in December and above 14 million detected in November.
Real-Time Scan remains a big plus
In terms of malware detection, Real-Time protection methodology is a clear winner and a big differentiator. 51% of malware was detected through Real-Time Scan while the second most effective methodology was Behavioral Detection Scan with 23%. On-Demand Scan came a close third with 22%.
The topmost detected malware
The data showed that the following malware were detected the most on business endpoints:
- Pioneer.CZ1 was the most detected malware, found on 22% of endpoints. It is a file infector which performs malicious activities sending it to a CNC server.
- Sality.U was detected on 13% of endpoints and is a file infector which performs a range of harmful activities, including stealing confidential data from the system.
- KillAv.Dr was detected on 12% of endpoints; it steals IP information and other personal data.
The manufacturing sector remains at highest risk
The manufacturing sector saw the highest number of malware attacks in 2019 with over 8 million detections. The education and the professional sectors were second and third on the list with over 7 million and around 6 million attacks, respectively.
APT attacks will continue
The Annual Threat Report 2020 also has a detailed section on Advanced Persistent Threats (APTs), which are designed to infiltrate high-value targets important to national governments such as the military, power grids, nuclear plants, etc. APTs are typically used by nation-states for cyber warfare.
Seqrite analyzed two APT attacks against important Indian government organizations in 2019. Operation m_project is a long-running cyber-espionage campaign that has been active against Indian government organizations since 2015 and targets defence organizations, government media houses and protection & security organizations.
Seqrite Labs also analyzed the alleged cyber-attack on a Nuclear Power Plant in India and tried to decipher the modus operandi. The incident raised huge questions on the security aspects of critical national infrastructure and it was alleged that an infamous group from North Korea was behind the attack. Seqrite Labs hypothesized that the targeted attack could have been carried out by spear-phishing emails.
Be sure to read the full report for more details on these key findings. Seqrite continues to be the leading source for the most relevant threat intelligence in the world of enterprise security.