Malware is becoming increasingly difficult for security software to spot

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

Malware is becoming increasingly difficult for security software to spot, as new variants come with increasingly sophisticated evasion capabilities. This is according to a report from WatchGuard Technologies, which claims that the number of evasive malware detections has risen to record levels.

The paper states that almost four in five (78%) of all malware delivered via encrypted connections is evasive. Overall, more than two-thirds (67%) of malware detections came over encrypted connections and, among this group, 78% were evasive zero-day threats capable of bypassing basic protections.

An unfortunate pattern is beginning to emerge, as the quantity of evasive malware has been steadily growing from quarter to quarter. WatchGuard Technologies says threats such as these can often be stopped at the perimeter with the help of firewalls that decrypt and scan incoming traffic. 

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> <a href="" data-link-merchant=""" target="_blank">Click here to start the survey in a new window <<

Attacking the same old flaws

Unfortunately, the report further states, many organizations are failing to put sufficient protections in place.

And worse, the total number of detected network attacks is on the rise. An analysis of the past three years shows that Q1 2022 saw the most detections, with a 39% increase quarter-on-quarter.

One of the reasons, the researchers claim, is the fact that many threat actors try to abuse known vulnerabilities. Another is the growth of business networks, which means more vulnerable endpoints.

Advanced threats rose by a third (33%) suggesting a higher level of zero-day threats than ever before.

For Corey Nachreiner, CSO at WatchGuard, remote working is causing businesses a lot of trouble, and the only way to solve the security conundrum is to adopt a unified security approach.

“With the highest level of zero-day threats we’ve ever recorded and an attack surface that extends well beyond the network perimeter to IoT, home networks and mobile devices, companies need to adopt a true unified security approach that can adapt quickly and efficiently to the growing threat landscape,” he said.

“Organizations should make a commitment to implementing simple but critically important measures like updating and patching systems on a regular basis so they’re not enabling hackers.”

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.