The new throat year update of the SonicWall Cyber Threat Report 2021 shows that over 2021 million ransomware attacks have already occurred in 300. That is more than in all of 2020. Since the beginning of the year, the numbers have increased particularly in the USA (185%) and Great Britain (144%).
In the first half of 2021, the number of ransomware attacks skyrocketed and in just six months is already higher than in 2020 as a whole, as can be read in the half-yearly update for the SonicWall Cyber Threat Report 2021 published today. SonicWall has analyzed how cybercriminals are attempting to use all kinds of methods to carry out their malicious intentions in this new era of cybercrime.
Ransomware attacks are becoming more common
The sensational attacks on proven security technologies and infrastructures show that ransomware attacks are now more common than ever before. In the first half of 2021, SonicWall recorded 304,7 million ransomware attacks worldwide, exceeding the total for the full year 2020 (304,6 million) - an increase of 151 percent since the beginning of the year.
"In a year of fear and uncertainty, cybercriminals have redoubled their efforts to target innocent people and vulnerable organizations," said SonicWall President and CEO Bill Conner. “The latest data shows that these cunning attackers are tirelessly adapting their tactics and using ransomware to get rich financially and cause strife. With many employees still working remotely, companies remain at high risk. Criminals are well aware of the uncertain situation in the cyber industry. Organizations should definitely switch to a modern approach to boundless security to protect themselves from known and unknown threats. This is particularly important now, as more employees than ever before are working remotely and are more vulnerable than ever before. "
Ransomware is rampant
The half-year report shows the increase in ransomware attacks (image. SonicWall).
After hitting new highs in both April and May, SonicWall posted a new record high of 78,4 million ransomware attacks in June 2021 alone. ) increased massively. According to information from the SonicWall Capture Lab, Ryuk, Cerber and SamSam were the three most common ransomware families with 185 percent of all recorded ransomware attacks in the first half of the year.
The five regions most affected by ransomware in the first half of 2021 were the US, UK, Germany, South Africa and Brazil. In the United States, the five states of Florida (111,1 million), New York (26,4 million), Idaho (20,5 million), Louisiana (8,8 million) and Rhode Island (8,8 million) were particularly affected .
The US is hardest hit
"The continuous increase in ransomware, cryptojacking and other forms of malware for monetization as well as the further development of the tactics used are proof that cybercriminal activities are always financially motivated and can be quickly adapted to new opportunities and changed environments," explains Dmitriy Ayrapetov, Vice President of Platform Architecture at SonicWall.
In line with the surge in global data, the SonicWall Capture Labs Threat Research team also saw alarming increases in ransomware numbers in key areas such as Government (917%), Education (615%), Healthcare (594%), and Retail (264%).
Patented RTDMI technology blocked
In the fight against known and unknown threats, SonicWall's patented Real-Time Deep Memory InspectionTM (RTDMI) technology has identified record numbers of new malware variants. A year-on-year increase of 54 percent was reported in the first half of 2020.
RTDMI technology blocks more sophisticated and unknown malware with fewer false positives compared to traditional behavior-based sandboxing methods. This is shown by the latest results of the ICSA Labs Advanced Threat Defense (ATD) test (Q2), in which the SonicWall Capture Advanced Threat Protection (ATP) service with RTDMI identified 33 percent of unknown threats without a single hoax for 100 consecutive days .
Alternative to sandboxing methods
In its most recent test from the second quarter of 2021, ICSA ran a total of 1.144 exams with Capture ATP. A mix of 544 new and little-known malicious samples and 600 harmless applications were used. Capture ATP correctly identified 100 percent of the malicious samples and allowed all harmless samples to pass unhindered. This was the sixth ICSA-ATD certification for Capture ATP in a row and the second top grade in as many quarters.
The report Q1 & 2/21 lists the most important attack groups (Image: SonicWall).
"Independent certifications are not easy to get because of the high demands, especially in today's dynamic threat landscape," said Alex Dubrovsky, vice president of software engineering and threat research at SonicWall. "The fact that we have received so many top marks in a row speaks for the SonicWall team and our ongoing efforts to equip organizations with the information and technology they need to ward off the most dangerous cyber threats."
Classic malware numbers continue to decline
Last year SonicWall saw a decrease in global malware attacks - a trend that continued with a 2021 percent decline in the first half of 24. Now that cybercriminals are becoming more sophisticated - targeting ransomware, cryptojacking, and other types of cyberattacks - fewer spray-and-pray malware attacks are required, which has reduced the overall number.
Malware attacks on non-standard ports also fell in 2021 after breaking new records in 2020. These attacks aim to increase payloads by bypassing traditional firewall technologies and accounted for 2021 percent of all malware attempts in the first half of 14 - up from 24 percent previously.
Cryptojacking malware remains of concern
After an unexpected comeback in 2020, the number of cryptojacking malware continued to rise in the first half of 2021 as cryptocurrency prices remain at high levels. Between January and June, the SonicWall threat research team recorded 51,1 million cryptojacking attempts, a 23 percent increase over the same period last year.
Europe was particularly hard hit, with a 248 percent year-over-year increase in cryptojacking malware. This increase underlines the high volatility of the market, in which cyber criminals can remain anonymous and generate lucrative profits.
IoT trend leads to more attacks
Last year, countless employees left their offices to work from home. This resulted in millions of new devices being connected to the network - and millions of new opportunities for cyber criminals. Internet of Things (IoT) malware attacks continued to increase this year, by 59 percent globally since the beginning of the year - a trend that dates back to 2018.
While the number of IoT malware in the US was only slightly higher at 15 percent year-on-year, Europe and Asia saw an alarmingly high increase of 113 and 190 percent respectively.
Threat intelligence from 1,1 million sensors in 215 countries
The SonicWall Capture Lab's threat research team collects and analyzes threat intelligence from 1,1 million sensors in more than 215 countries and regions, including cross-vector threat intelligence shared between SonicWall security systems. These systems include firewalls, email security devices, endpoint security solutions, honeypots, content filtering systems and the multi-engine sandbox SonicWall Capture Advanced Threat Protection (ATP), the internal SonicWall framework for a automated malware analysis, malware and IP reputation data from tens of thousands of firewalls and email security devices around the world.
More at SonicWall.com
About SonicWall SonicWall provides limitless cybersecurity for an extremely decentralized work environment where everyone is remote, mobile and potentially at risk. Thanks to SonicWall, companies that have to find their way in a changing world of work benefit from seamless protection against highly developed threats that attack their network via countless points of attack and increasingly mobile and cloud-based employees. With the identification of unknown threats, advanced real-time monitoring functions and outstanding cost-effectiveness, SonicWall is helping companies, government agencies and SMBs around the world to close the cybersecurity gap.