SonicWall Threat Report: Ransomware Attacks Drop, Cryptojacking Skyrockets
Cybercriminals are using increasingly advanced tools and tactics to exploit and extort victims.
Bits And Splits/Shutterstock
Top findings in the SonicWall report include:
Intrusion attempts climbed 21%, with a record surge in cryptojacking volume of over 399%.
Cryptojacking volume in North America and Europe jumped 345% and 788% respectively.
IoT malware, up 37%, and encrypted threats, up 22%, also are on the rise.
Opportunistic threat actors targeted education and government verticals with digital barrage.
SonicWall discovered 172,146 never-before-seen malware variants.
The lowest first-half totals on ransomware attempts since 2020, down 41%, despite a big second-quarter jump, suggesting a likely rebound over the next six months.
Cryptojacking can be done in complete secrecy, minimizing risk, SonicWall’s Bobby Cornwell said. With ransomware, there are more stringent sanctions and more risk at play. Cybercriminals will constantly shift their tools, tactics and procedures to succeed.
Some of the reasons cryptojacking has been so widespread could be:
As crypto prices fluctuate, it leads to an influx of cryptojacking mining. In order to make more crypto currency, the more compute power and resources are needed.
Leveraging cloud compute power, criminals can throw infinite resources to mine for more currency.
Cybercriminals are shifting away from the quick payout of ransomware in favor of the slower, behind-the-scenes approach of stealing compute power to mine digital currency.
Cybercriminals have pivoted to crimes with greater certainty of success, but they will not abandon proven tactics like ransomware, according to SonicWall. They are simply shifting strategy by target rather than exiting altogether. Prominent attacks continued to plague enterprises, cities, airlines and even K-12 schools, causing widespread system downtime, economic loss and reputational damage.
“Threat actors are looking for low-hanging fruit at unprecedented levels,” Cornwell said. “The digital battlegrounds continue to expand, creating more of a global concern. With that understanding, it’s more important than ever to have a sound defensive strategy in place to protect your most important digital assets.”
Cybercriminals are using increasingly advanced tools and tactics to exploit and extort victims. While ransomware continues to be a threat, SonicWall Capture Labs threat researchers expect more state-sponsored activity targeting a broader set of victims in 2023, including SMBs, government entities and enterprises.
Total global malware volume dipped slightly in the first half of 2023, with the United States and the United Kingdom logging the biggest dips. Surprisingly, malware numbers climbed in every other tracked region, suggesting a geo-migration of threat actor behavior as they move from targeting traditional hotspots to more opportunistic locations.
“Attack types ebb and flow, but do not disappear,” Cornwell said. “In general, the threat landscape will continue to evolve on a global scale. Places like Latin America, Africa and Asia will continue to see a climb in attacks, and threat actors will find new means of attack vectors to expand their nefarious activities.”
Evolving cyberattacks and increasingly sophisticated defensive technology serve as an essential lesson about the importance of both transparency and proactivity in preventing vulnerabilities, Cornwell said.
Organizations can better protect themselves from these latest threats by:
Educating themselves and employees on the danger of the threat landscape.
Implementing next-generation firewalls and antivirus software.
Effective, proactive collaboration of all stakeholders must be pushed to the forefront.
Creating and maintaining a true enterprise security strategy that has the ability to thwart bad actors in their tracks.
Evolving cyberattacks and increasingly sophisticated defensive technology serve as an essential lesson about the importance of both transparency and proactivity in preventing vulnerabilities, Cornwell said.
Organizations can better protect themselves from these latest threats by:
Educating themselves and employees on the danger of the threat landscape.
Implementing next-generation firewalls and antivirus software.
Effective, proactive collaboration of all stakeholders must be pushed to the forefront.
Creating and maintaining a true enterprise security strategy that has the ability to thwart bad actors in their tracks.
The latest SonicWall threat report shows various malicious activity, including cryptojacking, offset a global decline in ransomware in the first half of 2023, but ransomware attacks likely will rebound over the second half of the year.
SonicWall’s 2023 Mid-Year Cyber Threat Report uncovers evolving tactical behaviors from digital threat actors as they opt for different types of malicious attacks compared to years past.
SonicWall Threat Report Findings
Overall intrusion attempts were up, led by the highest year on record for global cryptojacking volume recorded by SonicWall, as threat actors shifted away from traditional ransomware attacks in favor of a stealthier means of malicious activities. The data suggests increased law enforcement activity, heavy sanctions and victims’ refusal to pay ransom demands have altered criminal conduct, and threat actors are targeting other means of revenue.
SonicWall’s Bobby Cornwell
Bobby Cornwell, SonicWall‘s vice president of product security, said cybercriminals are moving away from mass, spray-and-pray attacks and opting for more of a stealthy, strategic/targeted and subtle approach. The cyber threat landscape continues to remain extremely volatile, and the data supports that.
“While SonicWall’s data doesn’t measure the success of these activities, we have traditionally seen that threat actors look for the most opportunistic attacks, meaning they want to minimize their risks and maximize their profits,” he said. “When we see a 399% spike in global cryptojacking numbers, we can assume cybercriminals are looking for alternative revenue streams.”
Scroll through our slideshow above from more from the latest SonicWall threat report.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like