A unused report from SonicWall found that ransomware attack attempts rose in the first half of 2021, with 304.7 million attack attempts by the company. SonicWall researchers saw a record number of attack attempts in both April and May, but both months were overcome by June, with 78.4 million ransomware attack attempts recorded.
The whole number of ransomware attacks seen by SonicWall in the first half of 2021 broke the 2020 whole of 304.6 million. The fact that the first six months of 2021 have already outpaced all of 2020 alarmed researchers at SonicWall, who added that it represented a 151% year-over-year increase.
“Even if we don’t score a single ransom attempt in the entire second half (which is illogically confident), 2021 will indeed go down as the worst year SonicWall ransomware has ever recorded,” the report said.
According to the 2021 SonicWall Cyber Threat Report, the amount of ransomware the company has seen has reached massive year-to-date hikes in the US at 185% and the UK at 144%. The United States, the United Kingdom, Germany, South Africa and Brazil topped the list of countries most affected by ransomware in the first half of 2021.
Within the United States, Florida was the states hardest hit from a ransomware perspective, with 111.1 million ransomware attempts. New York had 26.4 million, while Idaho had a population of 20.5 million, and Rhode Island and Louisiana handled nearly 9 million.
The report is compiled based on information collected by the SonicWall Capture Threat Network, which “monitors and collects information from global devices” including more than 1.1 million security sensors in 215 countries and territories. The report also shows cross-threat information that is shared between SonicWall security systems, including firewalls, email security devices, endpoint security solutions, attractions, content filtering systems, and the SonicWall Capture Advanced Threat Protection multi-engine sandbox.
The network collects malware and IP reputation data from tens of thousands of firewalls and email security devices around the world. The report also extracts insights through shared threat information from more than 50 industry collaborative groups and research organizations.
The report notes that the ransomware problem is still getting worse, and the data proves that the second quarter was much worse than the first quarter of 2021. The second quarter was the worst quarter the company has ever recorded, with ransomware totaling 188.9 million, far surpassing the first quarter figure. of 115.8 million.
Ransomware attacks are also on the rise all over the world. Europe experienced a 234% increase in the volume of ransomware, while North America saw increases of 180%. Asia saw its highest levels in March.
But the United States still leads the way globally, roughly matching the size of ransomware in the next nine countries in the top ten list of most attacked countries.
For 2021, the industry most under attack is the government, which saw triple the number of attacks final year. Government targets confront more attacks than nearly every other industry each month. By June, government clients saw the number of ransomware attempts 10-fold and an overall increase of 917%
Customers in education also saw a big number of ransomware attempts, an increase of 615%. SonicWall Capture Labs researchers have found troubling ransomware threats across healthcare organizations (594%) and retail (264%) as well.
Groups Ryuk, Cerber and SamSam accounted for 64% of all ransomware attack attempts, according to data from SonicWall’s Capture Labs. Ryuk alone totaled 93.9 million attempts, which is three times the number of Ryuk attempts seen in the first six months of 2020.
Cerber finished 2020 as the second most viewed ransomware family, according to SonicWall, and continued that trend with 52.5 million attack attempts in the first six months of 2021, and intense efforts in April and May.
SamSam managed to double its size from 2020 in the first half of 2021 with 49.7 million attack attempts. In June alone, the group launched 15.7 million attacks.
Bill Conner, CEO of SonicWall, said recent data shows that evolving threat actors have adapted their tactics and are adopting ransomware to reap financial acquire and sow discord.
“As secluded work continues to spread, businesses remain highly vulnerable, and criminals are acutely aware of the uncertainty across the cyber landscape,” Conner said.
The report also tracks malware, and found that compared to 2020, cases seen by SonicWall have declined since a peak of 10.5 billion cases in 2018.
Malware hit a six-year low in 2020 with 5.6 billion malware attempts and 2021 saw 2.5 billion malware attempts in the first six months of this year.
“But as will be apparent by reading the rest of this report, fewer malware does not equate to less cybercrime. Instead, it is a sign of abandoning the traditional malware associated with yesterday’s spray-and-prayer attacks…usually in favor of more specialized, sophisticated and more targeted, competent to make more money for criminals and leave more destruction on their way.”
North America and Europe both saw a decrease in the amount of malware, but Asian countries saw a 23% increase.
Malware surged in India and Germany in the first part of the year, with India seeing 147.2 million malware attempts, an 83% increase year-over-year, and Germany seeing 150.4 million malware attempts. The German numbers represent a staggering increase of 465%.
SonicWall researchers note that some countries outside the top ten list still suffer from malware. SonicWall said an organization in Vietnam had a 36.4% chance of seeing a malware attempt, a higher percentage than any other country.
Real-Time Deep Memory InspectionTM also detected 185,945 “never prior” types of malware, up 54% from the first half of 2020.
The report included some pleasing news. The size of malicious PDFs and Office files has decreased for the first time since 2018.
Malware targeting the Internet of Things increased in 2021 by more than 32 million attacks, and in the United States attempts on the Internet of things increased by 15%.
“While the nine vulnerabilities, collectively known as ‘Name: Wreck’, all have patches available at the time of writing, many IoT devices lack the aptitude to easily patch (or patch at all), which means we may see Attacks from these vulnerabilities will emerge years in the coming.”
Cryptojacking attempts also grew astoundingly in the first half of 2021. Of the 51.1 million cryptojacking attempts in 2021, the number of attacks increased by 118% in Asia and 248% in Europe.
“The continued rise in ransomware, encryption and other unique forms of monetization-targeted malware, combined with the evolution of their tactics, is evidence that the activity of cybercriminals is forever following the money and quickly adapting to unused opportunities and changing environments,” said SonicWall Vice President. Architecture platform by Dmitry Irapetov.