The midyear update of the 2020 SonicWall Cyber Threat Report shows an increase in ransomware attacks, malicious files disguised as Microsoft Office file types and IoT malware attacks. These increases were mitigated, at least to some extent, by a drop in overall malware attacks worldwide.
Data about ransomware attacks was particularly troubling, showing a 109% increase in U.S. ransomware attacks. The broad-based report—it uses data from 1.1 million sensors in more than 215 countries and territories—identifies a chaotic environment.
First the good news: Global malware attacks fell from 4.8 billion to 3.2 billion (-24%) compared to the 2019 midyear report. India (-64%), Germany (-60%), the U.K. (-27%) and the U.S. (-24%) enjoyed the reductions most.
The bad news was led by ransomware attacks, which increased to a “staggering” 121.4 million globally during the first half of the year. U.S. ransomware attacks number 79.9 million.
The report said that COVID-19 phishing attacks began rising in March, with peaks on March 24, April 3 and June 19. Overall phishing exploits began strong in January, dipped by 15% and then rose with the onset of the pandemic.
SonicWall credited the rise of remote work with an increase of 176% in new malware attacks disguised as Microsoft Office files. Overall, new malware was disguised as Microsoft files in 22% of cases and as PDF files in 11%. SonicWall’s Real-Time Deep Memory Inspection technology identified 120,910 “never before seen” malware variants, a 63% increase over the first six months of last year.
More data points:
- California had the highest total malware volume — but was not even in the top half on a percentage basis. Organizations ran the greatest risk in Kansas, where 31.3% of sensors detected a hit. Rounding out the top five were Montana (29.0%), Rhode Island (28.3%), Iowa (28.1%) and Hawaii (27.7%).
- Non-standard ports – which bypass traditional firewall technologies – were targeted in 23% of attacks, the highest mark since SonicWall began assessing the attack vector two years ago. The approach was used by 26% of malware attacks in February and 30% in May, both records.
- SonicWall also found a 50% increase in IoT malware attacks. The company credits an increasing number of homebound workers and increasing use of IoT devices in refrigerators, baby monitors and other equipment.
The pandemic likely wasn’t the only factor driving the dynamics of the cybercrime during the first half of the year, but it certainly roiled the waters.
“This latest cyber threat data shows that cybercriminals continue to morph their tactics to sway the odds in their favor during uncertain times,” said SonicWall President and CEO Bill Conner in a press release about the U.S. ransomware attacks. “With everyone more remote and mobile than ever before, businesses are highly exposed and the cybercriminal industry is very aware of that. It’s imperative that organizations move away from makeshift or traditional security strategies and realize this new business normal is no longer new.”
The security landscape was changing – and not for the better – even before the pandemic. In March 2019, a report by Accenture and the Ponemon Institute found that the average malware attack costs companies $2.6 million annually.