SonicWall Intelligence Report Illustrates Unstable Cyber Threat Landscape and Amplifying Concerns for Security Professionals
SonicWall President and CEO Bob VanKirk says, “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed."
SonicWall, publisher of the world’s most quoted ransomware threat intelligence, released new threat data through the third quarter of 2022. SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.
“Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”
“Regardless of the organization’s size or the industry, everybody is a target of cyberattacks,” said Debasish Mukherjee, Vice President, Regional Sales APJ at SonicWall Inc. “Additionally, digital attacks are not just targeting the enterprise; they are attacking governments, MSPs, retail and other organization types. These cyber criminals are confident that these organizations have limited recovery resources, and as such will be more willing to pay after a ransomware attack.”
Ransomware Attacks Shift, Tactics Intensify, Diversify
After a record-breaking 2021, overall ransomware attacks have trended down in the first three quarters of 2022 — especially in the United States (-51%). However, attack locations have continued to shift, as ransomware attempts jumped in the U.K. (20%), EMEA (38%) and APJ (56%) compared to the same time frame last year. Proprietary SonicWall threat intelligence also found that Q3 2022 was the lowest quarterly ransomware volume since Q3 2020. Even in decline, SonicWall recorded 338.4 million ransomware attempts since the beginning of the year.
It is easier than ever to perform ransomware attacks. With Ransomware-as-a-Service (RaaS) offerings, even less technical cybercriminals can purchase ransomware kits on the dark web and target organizations with minimal experience.
Ransomware actors also are diversifying their business models and broadening their networks as demand for their services continues to grow, leading to an explosion in the variety of different tools and resources being offered via illicit marketplaces. According to SonicWall survey data, organizations are concerned with how easily ransomware attacks can be launched and 89% cited concern of financially motivated threats.
“Ransomware has evolved at an alarming rate, particularly in the past five years — not only in volume but in attack vectors,” said SonicWall Emerging Threat Expert Immanuel Chavoya. “The latest Q3 data shows how bad actors are getting smarter in the development of evolutionary strains and more targeted in their assaults.”
Crypto-Jacking, IoT Malware Volume Continue Upward Trend
Hackers are increasingly targeting financial firms, such as banks and trading houses, with cyberattacks designed to maliciously use computer systems to illegally mine cryptocurrencies. Cryptojacking numbers jumped 35% globally through three quarters, including a 377% spike in EMEA and 160% increase in APJ.
With more smart devices entering the digital space every day there is a growing need for Internet of things (IoT) security. IoT devices have multiple ways to connect to a network, offering multiple attack vectors to exploit. IoT malware climbed 92% globally, with 82% and 200% jumps in APJ and North America, respectively.
“With over 1.4 million endpoints collecting data around the globe, SonicWall has more data to uncover emerging threat trends and provide a true depiction of what is happening in the cyber threat landscape,” said Solutions Granted (SGI) CEO Michael Crean. “They say knowledge is power and SonicWall’s proprietary data helps SGI stay informed, which in turn helps us educate our customer base. Leveraging SonicWall’s research helps SGI create actionable steps to help us keep our customers safer!”
Machine Learning Uncovering ‘Never-before-seen’ Malware Variants
SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMI) technology identified 373,756 never-before-seen malware variants during the first three quarters of 2022 — a 22% increase year-to-date.
One of these never-before-seen malware variants was Spyder Loader, which was observed targeting government organizations in Hong Kong in October 2022. SonicWall RTDMI proactively detected this malware strain and SonicWall Capture Labs threat researchers were the first to publish their analysis in a March 2021 SonicAlert — a showcase of RTDMI’s machine learning-powered capabilities.
SonicWall Capture ATP Showcases ‘Perfect Threat Detection’
In October 2022, SonicWall Capture Advanced Threat Protection (ATP) with RTDMI earned its seventh consecutive 100% threat detection score in ICSA Labs Advanced Threat Defense (ATD) testing for Q3 2022, the solution’s 11th consecutive certification. ICSA Labs is an independent third party that tested SonicWall’s solutions using never-before-seen malware samples, many just hours old.