SonicWall, publisher of ransomware threat intelligence, released the mid-year update to the 2022 SonicWall Cyber Threat Report. The newest report, researched and compiled by SonicWall Capture Labs, unveils an 11% increase in global malware, a 77% spike in IoT malware, a 132% rise in encrypted threats and a geographically-driven shift in ransomware volume as geopolitical strife impact cyberattacks.
“In the cyber arms race, cybersecurity and geopolitics have always been inseparably linked, and in the last six months we have seen that play out across the cyber landscape,” says SonicWall President and CEO Bill Conner. “The cyber warfare battlefront has shifted, as our data indicates a 63% rise in ransomware in Europe and a concerted effort to target financial sector companies, while ransomware volume dropped in other regions. With major increases in encrypted threats, IoT malware, cryptojacking and new unknown variants, it’s critical that cybersecurity leaders have all the required tools and technology to proactively detect and remediate against increasingly sophisticated and targeted threats to their business.”
Ransomware Attacks in Europe Swell
After a record-breaking 2021, overall ransomware attacks have trended down in the first half of 2022, decreasing globally for the fourth consecutive quarter.
Government sanctions, supply chain deficiencies, dropping cryptocurrency prices and limited availability of needed infrastructure are all making it more difficult for cybercriminals. Proprietary SonicWall threat intelligence reinforces that analysis, as June 2022 saw the lowest monthly ransomware volume in two years, which helped drive down overall global volume.
“As bad actors diversify their tactics, and look to expand their attack vectors, we expect global ransomware volume to climb — not only in the next six months, but in the years to come,” says Conner. “With so much turmoil in the geopolitical landscape, cybercrime is increasingly becoming more sophisticated and varying in the threats, tools, targets and locations.”
While global ransomware dipped to start the year, Europe saw significant increases in malware attacks (up 29% year-over-year) and ransomware attempts (up 63%). In terms of volume, seven of the top 11 countries targeted by ransomware were in Europe (United Kingdom, Italy, Germany, Netherlands, Norway, Poland and Ukraine), suggesting a cyber threat climate shift for the region.
Malware Rebounds with 11% Global Spike
In 2021, malware volume was slightly down, marking a third-straight year of decrease as well as a seven-year low. However, as predicted in the 2022 SonicWall Cyber Threat Report, a rebound was anticipated, due to a significant uptick in attacks during the second half of 2021. That rebound was felt as more than 2.8 billion malware attacks occurred within the first six months of 2022. In North America, encrypted threats were up an astounding 284% and IoT malware soared 228% within that same time frame.
Similar to shifting ransomware numbers, malware volume was level or dropped in typical hot spots like the United States (down 1%), United Kingdom (down 9%) and Germany (down 13%), while rising collectively in Europe (29%) and Asia (32%).
“The international threat landscape is now seeing an active migration that is profoundly changing the challenges not only in Europe, but the United States as well,” says SonicWall expert on emerging threats Immanuel Chavoya. “Cybercriminals are working harder than ever to be ahead of the cybersecurity industry, and unlike many of the businesses they target, threat actors often have no shortage of skills, motivation, expertise and funding within their organizations.”
The financial sector combatted a 100% increase in malware attacks, a 243% hike in ransomware attempts and a staggering 269% in cryptojacking attempts.
Record Number of New Malware Variants Discovered
SonicWall’s Real-Time Deep Memory Inspection (RTDMI) technology identified 270,228 never-before-seen malware variants during the first half of 2022—a 45% increase year-to-date. The first quarter of 2022 marked a record-high in never-before-seen malware discoveries (147,851), with March 2022 being the most ever on record (59,259).
Since the introduction of RTDMI in early 2018, new variants discovered have skyrocketed through June 2022. These are new and previously unknown cyberattacks that are going undetected by traditional sandbox approaches.