As the world secures itself, so do crims: Encrypted malware on the rise, warns Sonicwall

Scanning of random ports and the use of encrypted malware by online criminals is on the rise, according to a threat report by Sonicwall. By the end of 2018, around 20 per cent of all malware attacks (based on Sonicwall’s sampling of what it says were 700 million such intrusions) were coming through non-standard ports – a sum …

  1. steviebuk Silver badge

    IoT

    So IoT attacks up 55, that will increase the more IoT shit is out there with said companies not bothering to put any security on them. And will this give the Orange one and his idiot shills more excuses to "ban encryption". If that's the cause then let's ban the cloud or even the Internet considering malware is becoming RaaS, that's SaaS fault.

    1. Pascal Monett Silver badge

      IoT is a plague on security and will stay that way until Joe Schmuck gets his fancy automated house overrun by malware and nothing works any more. Only when his heater is on full in the middle of summer, his doorbell is constantly ringing, his lightbulbs are not lighting up but they are playing the Valkyries at full blast and his security cameras are posting everything on YouTube automatically, only then will he start wondering if all that was a good idea.

      Then he'll ask Siri and the Internet will implode.

      1. Paul Crawford Silver badge

        playing the Valkyries at full blast

        On banjos. If you really want that end of civilisation feeling...

        1. Anonymous Coward
          1. MiguelC Silver badge

            It sort of has a Western Spaghetti feel... was expecting Bud Spencer to enter stage at any point :)

            1. Fungus Bob
              Thumb Up

              Upvote for the Bud Spencer reference.

      2. Anonymous Coward

        IOT is going nowhere..

        That's the problem, even a huge problem like an IOT FRIDGE (yes fridge) which worked as an entry point for malware into the NHS years ago didn't stop us running full pelt to get more IOT **** into hospitals. We even have dedicated teams looking for ways to throw more into the soup of NHS IT.

        Nobody is resourced to properly assess these devices, nobody. So why are we buying them?

        1. GnuTzu
          Mushroom

          Re: IOT is going nowhere.. -- and Apps

          IoT, like apps--oh wait, IoT and apps go together!!!

          They want a captured market. Can't tell Chrome to never prompt for desktop notifications--which irritates me to no end. Desktop notifications, apps, IoT, and the savings club cards they want to sign you up for at the grocery are all about getting into your life in a way that makes you a kind of property--their property.

          And, that means there is a massively strong market motivation to keep pushing this--regardless of the risk--however massive. And, yes that means that IoT and apps are here--and integrated into each other--and are destined for massive growth.

          Anyone crap their pants yet?

      3. TheSkunkyMonk

        I'd probably watch that :D

  2. JulieM

    The Fix

    There is a simple fix for all these shenanigans.

    We need an Operating System that is designed not to allow the execution of Native Code. (And ideally, a processor architecture where no two examples in the world even share the same instruction set, just to make really sure.)

    If everything is interpreted, and therefore all code is human-readable, there is nowhere for malware to hide.

    We probably also need to think about investigating whether a system that is by design Turing-incomplete enough not to support the propagation of malware can do anything useful.

    1. druck Silver badge
      Facepalm

      Re: The Fix

      There's plenty of places to hide in the tens of thousands of lines of human readable interpreted JavaScript pulled down and executed each time you visit a website - because you look at it all first, don't you?

    2. Graham 32

      Re: The Fix

      > If everything is interpreted, and therefore all code is human-readable, there is nowhere for malware to hide.

      If everyone reads the code before they run it, and they understand it, and they can spot obfuscated malware then this might just work. I doubt it though.

      (Are you trolling? I'm not sure. Maybe the joke's on me.)

      1. Dyc

        Re: The Fix

        Any virus/ransomware is computer code that needs to run in order to infect. Unlike a human virus, ransomware cannot run by itself. Any program code or script must be invoked by the OS kernel/interpreter in order to run (the kernel passes control of the CPU to the code). Therefore, the kernel can check whether the code is authorized before passing control to it. So the kernel/interpreter can check whether the code resides in the authorized libraries/folders and, if not, won't let it run. Only a system admin with special privilege can save any code in these libraries. This method can stop any virus/ransomware, even a new one, without the need for an anti-virus program. For remote website JavaScript, we need to check if the IP address is trustworthy.

  3. e^iπ+1=0

    Standard ports

    I often notice on a new server that I might have hundreds of failed ssh login attempts before I disable password authentication if I run sshd on the standard port; if I start it on a non-standard port there might be none, but I wouldn't consider leaving password authentication enabled.

    Non-standard ports = security through obscurity = no security.

  4. Giles C Silver badge

    Application writers have to take some of the blame

    I wrote a firewall rule today for SAP access: loads of blocks of ports that had to be opened. Why can’t they just use a single port? The more ports you have to open, the harder it gets for the firewall to monitor them, and the attack vector gets bigger and bigger.

    OK, so the rule did lock the source and destination IPs, but that is a huge way in if the source is compromised.
