In the first half (H1) of 2021, ransomware attacks skyrocketed, eclipsing the entire volume for 2020 in only six months, according to the mid-year update to the SonicWall report. In a new paradigm for cybercrime, SonicWall is analyzing how threat actors are using any means possible to further their malicious intents.
Ransomware attacks volume reaching 304.7 million worldwide in H1 2021
With high-profile attacks against established technology and infrastructure, ransomware is now more prevalent than ever. Through the first half of 2021, there was a global ransomware volume of 304.7 million, surpassing 2020’s full-year total (304.6 million) — a 151% year-to-date increase.
“In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions,” said SonicWall President and CEO Bill Conner.
“This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord. With remote working still widespread, businesses continue to be highly exposed to risk, and criminals are acutely aware of uncertainty across the cyber landscape. It’s crucial that organizations move toward a modern Boundless Cybersecurity approach to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever.”
Ransomware attacks running rampant in H1 2021
After posting record highs in both April and May, a new high of 78.4 million ransomware attacks in June 2021 alone was recorded. Ransomware volume showed massive year-to-date spikes in the U.S. (185%) and the U.K. (144%). Accounting for 64% of all recorded ransomware attacks, Ryuk, Cerber and SamSam were the top three ransomware families in the first half of the year.
The top five regions most impacted by ransomware in the first half of 2021 were the United States, United Kingdom, Germany, South Africa and Brazil. Across the U.S., the five hardest-hit states were Florida (111.1 million), New York (26.4 million), Idaho (20.5 million), Louisiana (8.8 million) and Rhode Island (8.8 million).
“The continued rise of ransomware, cryptojacking and other unique forms of malware targeted at monetization, along with their evolution of tactics, are evidence that cybercriminal activity always follows the money and rapidly adapts to new opportunities and changing environments,” said SonicWall VP of Platform Architecture Dmitriy Ayrapetov.
In line with spikes in global data, researchers also recorded alarming ransomware spikes across key verticals, including government (917%), education (615%), healthcare (594%) and retail (264%) organizations.
Malware continues to fall, non-standard port attacks down
Last year, there was a drop in global malware attacks, a trend that continued in the first half of 2021 with a 24% drop in malware volume worldwide. As threat actors become more sophisticated — using ransomware, cryptojacking and other types of cyberattacks to launch surgical strikes — the need for “spray-and-pray” malware attempts has lessened, decreasing overall volume.
Malware attacks via non-standard ports also fell in 2021 after hitting record highs in 2020. These attacks, which aim to increase payloads by bypassing traditional firewall technologies, represent 14% of all malware attempts in the first half of 2021, down from 24% year to date.
Cryptojacking malware remains a concern
After having made an unexpected revival in 2020, cryptojacking malware continued to climb through the first half of 2021 as cryptocurrency prices remain high. From January to June, SonicWall threat researchers recorded 51.1 million cryptojacking attempts, representing a 23% increase over the same six-month period last year.
Europe was particularly ravaged, recording a 248% year-to-date rise in cryptojacking malware. This increase highlights the volatile shifts of a market cybercriminals have come to leverage due to their high desire for online anonymity when it comes to lucrative payouts.
IoT vector continues to serve threats
Last year, employees packed their belongings and went home in droves, introducing millions of new devices to the network and millions of openings for cybercrime. This year, IoT malware attacks have continued to increase, rising 59% year-to-date globally, a trend stemming back to 2018.
While the U.S. saw a slightly smaller 15% year-to-date increase in IoT malware, Europe and Asia also saw alarming rises of 113% and 190%, respectively, in IoT malware volume.