By Mary Grlic
Sonicwall’s recent mid-year cyber threat report details the danger of cyberattacks in 2022. With cyber threats becoming an increasingly concerning risk, Sonicwall’s report is especially important. Understanding these sorts of threats can help businesses better protect their cybersecurity. Sonicwall is an American cybersecurity company that provides services like firewalls, threat management, and network protection. We have unpacked their mid-year report to better understand the risks and threats of cyber attacks, as well as find ways to mitigate them.
Sonicwall: Malware Attacks
Malware can be any software that is designed to damage or gain unauthorized access to a device. During the first half of 2022, Sonicwall reports that there was an 11% increase in malware attacks year-to-date over 2021.
Sonicwall also questions why malware has increased. They look at the shift in work locations; during the height of the pandemic, many companies shifted to work from home models. Now remote and hybrid employment is only increasing, with an increase from 67% to 81% of remote-capable workers working from home or hybrid between September 2021 and March 2022. Sonicwall states that if there was an increase in employees at the office and a greater need for cyber protection, they would have seen an increase in malware. This is not the case: malware still saw an increase in the first half of 2022.
Malware by Region
Malware seems to be changing its course of action. North America only saw a 2% increase in malware which was much lower than the average. The United States even saw a 1% decrease in malware attacks so far this year, but still sees high volumes of malware. Though North America typically sees a greater increase in malware than other regions, Europe (29% increase) and Asia (32% increase) saw a greater change during the first half of 2022.
Within the United States, states like Florida, California, and New York are the top runners for malware volumes so far this year. These states have over 100 million malware hits each during 2022. However, Sonicwall deems other states as “riskier,” like South Dakota, Kansas, and Hawaii.
Malware by Industry
Education was struck the most by malware attacks, seeing a 21.4% per month increase. Government industries had an average of a 19.3% increase per month. Financial companies experienced the lowest percentage increase at just around 15%.
Malware in Ukraine
Sonicwall specifically noted malware increases in Ukraine as well. Sonicwall does not typically report on cyber crime in Ukraine because they do not have the minimum amount of active sensors for reporting. However, in the beginning of 2022, Sonicwall chose to gather some data about ransomware in the country given the current political climate with Russia (a known pioneer of cyber crime). Sonicwall noted an 18,386% increase in malware attempts in Ukraine from January to June of 2022.
Internet of Things (IoT) malware saw a massive increase in the first six months of 2022. There was a 77% increase year to date. This type of software can include any device that is able to exchange real time data using embedded sensors. Conceptually, IoT can be any device with an on/off switch that is connected to a computer. Such devices include smart TVs, Amazon Alexa, or wearable fitness devices like a FitBit.
With more “smart” devices in every home, it seems to make sense that there is such a large increase in Sonicwall projects that 2022 will exceed 2021 to have a record-breaking year for IoT malware. The finance industry was hit the worst by IoT malware attacks, with a 151% increase. Healthcare (123%), government (122%), retail (114%), and education (110%) also saw substantial increases in IoT malware.
Sonicwall: Ransomware Attacks
Contrary to the increase in other types of cyber attacks, Sonicwall reported a 23% decrease in ransomware at 236.1 million attacks during the first half of 2022. While the decrease may look promising, there is still an overall global increase in the number of ransomware attacks since pre-pandemic times. The amount of ransomware attacks during the first half of 2022 has already surpassed the numbers seen in 2017, 2018, and 2019 combined. It seems like 2022 may pass 2020 statistics, making this year the second-worst year for ransomware since Sonicwall started tracking. In 2021, Sonicwall released unprecedented statistics, with over 600 million ransomware attacks reported. Compare that to the amount of attacks seen in 2022 thus far, at just over 230 million, it is clear that 2021 saw a massive increase in ransomware.
In 2021, Sonicwall reported a 105% increase in ransomware attacks. Many of these threats were from large volumes of Ryuk, SamSam, and Cerber attacks making up 62% of ransomware during the year. Such threats included supply-chain attacks, attacks on vital infrastructure, double extortion, and even triple extortion techniques. But why did the numbers go back down during the first half of this year, and why are they projected to stay lower during the second half of 2022?
Sonicwall Explains the Decrease in 2022
Ransomware likely decreased in 2022 because of the volatility in cryptocurrency, more stringent cybersecurity regulations, and the geopolitical climate. When users get a ransomware attack, malware on their system disables them from accessing files on their computer. They must pay a ransom fee, typically in the form of a cryptocurrency like Bitcoin, to decrypt their information. With so much change in the value of cryptocurrencies, hackers probably do not see value in ransomware attacks. If they are going to ask for a ransom fee, they would want to at least make reliable money.
Additionally, in response to terrible ransomware attacks seen in the past few years, like the attack on the Colonial Pipeline, security agents are creating new regulations to protect organizations against ransomware. Finally, the political conflict between Russia-Ukraine likely plays a part in the changes in ransomware statistics. Although Russia is a huge cyber crime culprit, the country likely put more focus on their efforts in Ukraine during early 2022.
The Sonicwall report warns that despite the decrease seen in the past 6 months, ransomware will not be going away anytime soon. FBI Director Christopher Wray states that the FBI is still seeing a variety of ransomware attacks. Sonicwall reports an average of more than 700 ransomware attacks per customer during the first half of 2022.
Ransomware by Region
In North America, ransomware dropped by 42% during the first six months of 2022. Because of this substantial decrease, there was also a global drop in ransomware attacks. Although places like the United States saw a decrease in ransomware, other countries saw increases in ransomware. Ransomware in Asia went up 4% in early 2022 and shot up more than 60% in Europe. There was a 42% decrease in ransomware in the United States and a 2% decrease in the U.K.
Ransomware by Industry
Some industries experience different levels of ransomware attacks. In fact, certain industries actually saw increases in their ransomware attacks during the start of 2022. The only organization that saw a decrease in ransomware was government agencies, with ransom targets dropping more than 80%. Education and retail industries saw an increase at 51% and 90% respectively. Finance and healthcare both saw massive increases at 243% and 328% respectively. These triple digit figures are both shocking and quite concerning, making it clear that ransomware is still a threat.