Global ransomware grows 151%, SonicWall research finds
In the first half of 2021 ransomware attacks increased significantly, eclipsing the entire volume for 2020 in only six months.
This is according to the mid-year update to the 2021 SonicWall Cyber Threat Report.
With high-profile attacks against established technology and infrastructure, ransomware is now more prevalent than ever, the report finds.
Through the first half of 2021, SonicWall recorded global ransomware volume of 304.7 million, surpassing 2020's full-year total (304.6 million), marking a 151% year to date increase.
After posting record highs in both April and May, SonicWall recorded another new high of 78.4 million ransomware attacks in June 2021 alone.
Accounting for 64% of all recorded ransomware attacks, Ryuk, Cerber and SamSam were the top three ransomware families in the first half of the year, as recorded by SonicWall Capture Labs.
In line with spikes in global data, SonicWall Capture Labs threat researchers also recorded ransomware spikes across key verticals, including government (917%), education (615%), healthcare (594%) and retail (264%) organisations.
Meanwhile, last year SonicWall recorded a drop in global malware attacks, a trend that continued in the first half of 2021 with a 24% drop in malware volume worldwide.
As threat actors become more sophisticated - using ransomware, cryptojacking and other types of cyberattacks to launch surgical strikes - the need for ‘spray-and-pray' malware attempts have lessened, decreasing overall volume, the researchers state.
Malware attacks via non-standard ports also fell in 2021 after hitting record highs in 2020.
These attacks, which aim to increase payloads by bypassing traditional firewall technologies, represent 14% of all malware attempts in the first half of 2021, down from 24% year to date.
The report also found that after having made an unexpected revival in 2020, cryptojacking malware continued to climb through the first half of 2021 as cryptocurrency prices remain high.
From January to June, SonicWall threat researchers recorded 51.1 million cryptojacking attempts, representing a 23% increase over the same six-month period last year.
Another key trend highlighted in the report was attacks on internet of things (IoT) networks. In 2020, employees packed their belongings and went home in droves, introducing millions of new devices to the network and millions of openings for cybercrime, the researchers state.
This year, IoT malware attacks have continued to increase, rising 59% year-to-date globally, a trend stemming back to 2018.
SonicWall president and CEO Bill Conner says, "In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions.
"This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord.
"With remote working still widespread, businesses continue to be highly exposed to risk, and criminals are acutely aware of uncertainty across the cyber landscape.
"It's crucial that organisations move toward a modern boundless cybersecurity approach to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever."
SonicWall vice president of platform architecture Dmitriy Ayrapetov says, "The continued rise of ransomware, cryptojacking and other unique forms of malware targeted at monetisation, along with their evolution of tactics, are evidence that cybercriminal activity always follows the money and rapidly adapts to new opportunities and changing environments."
SonicWall vice president regional sales APAC Debasish Mukherjee says, "The pandemic drove the effectiveness and volume of cyberattacks to historic highs.
"Remote workforces, a charged political climate, record prices of cryptocurrency, and threat actors weaponising cloud storage and tools created new and numerous attack vectors on targets.
"Threats that were once thought to be two or three years away are now a reality with do-it-yourself, cloud-based tools creating an army of cybercriminals armed with the same devastating force and impact of a nation-state or larger criminal enterprise."
He continues, "It's imperative the IT industry stay ahead of these mounting threats, strengthen relationships between private and government sectors, and formulate more coordinated efforts to swiftly share threat intelligence and act upon it."
SonicWall Capture Labs threat researchers collect and analyse threat intelligence data from 1.1 million sensors in over 215 countries and territories.