Mid-Year Threat Report Reveals Huge Increase in Ransomware Attacks

Last July, SonicWall issued a mid-year Cyber Threat Report update, which confirmed a big rise in cyberattacks beginning 2020. In the first half of 2021, cryptojacking attacks rose by 23%, encrypted threats went up by 26%, IoT attacks increased by 59%, and ransomware attackers increased by 151% compared to the corresponding time period last year.

Ransomware attacks were continuously growing starting Q1 of 2020, however the rate of increase jumped substantially between Q1 and Q2 of 2021, growing by 63.1% with a total of 188.9 million attempted attacks in Q2. In June, there were 78.4 million attempted cases of ransomware attacks, which is higher than the number of attacks in the 2nd quarter of 2020 and about 50% of the number of attempted ransomware attacks in 2019. The total number of attempted ransomware attacks in the first half of 2021 was 304.7 million.

2021 is the toughest year for ransomware recorded by SonicWall, mentioned in the report.

About 73% of ransomware attacks are usually performed in the United States. But ransomware attacks are growing worldwide. In the first 6 months of 2021, there is a 180% growth in attacks in North America and a 234% increase in ransomware in Europe. The United States had a 185% spike while the UK had a 144% increase in attacks.

Within the United States, some states were greatly attacked. The worst affected state was Florida, registering 111 million ransomware incidents, which is greater than the next nine most hit states put together. New York had 26 million attempted attacks; Idaho had 20 million, and Louisiana got 8.8 million.

The most hit sector is government. 2021 had a triple increase in ransomware attacks, which is the highest point in 2020. In June, government customers were targeted about ten times the average level. The education field was also widely targeted, though attacks on healthcare clients have continued to be reasonably constant all through the first six months of the year.

The greatest ransomware threat in 2021 was the Ryuk ransomware, as 93.9 million incidents of Ryuk were recorded in the first 6 months of the year, which is thrice the level in the corresponding time period in 2020. Cerber ransomware was additionally a big threat, with 52.5 million cases were documented in the first half of 2021. The number of Cerber incidents increased dramatically in April and May. Two-thirds of the 2020 total number of SamSam ransomware attempts were recorded in June alone, having 15.7 million attack attempts.

SonicWall reports there are a number of aspects that have driven the growth in attacks. One main reason is the extreme profitability of cyberattacks. A lot of firms have paid ransoms to bring back files or to avert the leak of sensitive data stolen in the attacks.

SonicWall says cyber threat actors are likewise getting more successful at locating and encrypting backups, making recovery difficult or impossible if no payment of ransom is made. There was likewise a rise in data theft prior to deploying ransomware. Victims often pay the ransom to retrieve information even if legitimate backups exist to retrieve files.

It is becoming prevalent for threat actors to perform repeat attacks on companies that have given the ransom since there is a possibility that a second ransom will likewise be paid. Companies that pay a ransom may additionally be attacked by other threat actors that have found out that one payment was given.

There was a few not so bad news reported, for example, the significant decline of malware attacks year over year. SonicWall Capture Labs documented 2.5 billion malware attempts in the first six months of 2021, which means a 22% drop from the same time frame in 2020. There was additionally a drop in the number of malicious PDF and Office files being spread in spam and phishing emails. The use of malicious Office files dropped by 54% in 2021; malicious PDF files dropped by 13%.