Ransomware Attacks Lower by 23% Worldwide Yet Higher by 328% in Healthcare

SonicWall has updated its mid-year 2022 Cyber Threat Report, which shows the worldwide cyberattack developments in H1 of 2022. The information for the report was gathered from over 1.1 million worldwide sensors in 215 nations and reveals a global drop in ransomware attacks, with a significant rise in malware attacks. This trend is a first in three years.


SonicWall states a 23% drop in ransomware attacks worldwide in H1 of 2022 with only 236.1 million attempted attacks. The downhill trend continues for the past four quarters. The lowest number of ransomware attacks was in June 2022. Although ransomware attacks decreased overall, that isn’t true for the healthcare sector with 328% higher attacks in H1 2022.

Although the decrease in attacks is good news, it ought to be mentioned that the year-to-date numbers of ransomware attacks continue to be greater than in 2017, 2018, and 2019. SonicWall documented 707 ransomware attempts on average per client in the first half of 2022 in the U.S.A. SonicWall states that the reduction in attacks is due to the mix of geopolitical forces, unpredictable cryptocurrency rates, and a greater government and law-enforcement emphasis on ransomware groups.


Ransomware attacks had grown for two years, however, malware attacks are at low figures. 2021 had the lowest malware attacks in 7 years. H1 2022 saw a sharp rise in malware attacks. It is 11% more compared to H1 2021. There were 2.8 billion malware attacks in H1 2022 with 8,240 attempts on average per customer. There was a noticeable increase in new malware variants in 2022, which grew by 45% compared to H1 2021. Cryptojacking has grown by 30% in comparison to H1 2021, despite the sharp drop in the price of cryptocurrencies. Cryptjacking attacks in healthcare dropped by 87%.

The largest upsurge in malware was observed in IoT malware, which grew by 77% from H1 2021 having 57 million detections. That is the maximum rate of detection since SonicWall started tracking the attacks. The number of attacks in H1 2022 was just somewhat less than the total attacks documented in 2021. IoT attacks in America grew by 228% in June while IoT malware attacks on the healthcare sector grew by 123%.

Malicious Files

SonicWall revealed in its mid-year 2021 report that the number of malicious Office files dropped by 54% and malicious PDF files dropped by 13%. However, the decrease in number was brief, as this year saw a boost in detections of malicious files. In the H1 of 2022, malicious Office file detections went up by 18%, while malicious PDF file detections grew by 9%. Currently, 18% of malicious file types are PDF files, while 10% are Office files and over 84% are Excel files. 64% of malicious Excel files are Excel Macro 4.0 (XLM) files. Executable files remain the most popular malicious file types, with over 33% of malicious files.

Encrypted Attacks

SonicWall noticed a 132% rise in encrypted attacks in H1 2022, which is a continuation of the past two years’ trends. May 2022 had the second highest number of malware over HTTPS ever documented. Encrypted threats were most common in the U.S., which is 41% of the worldwide volume, having a 284% growth over the equivalent period in 2021. There was a 6% drop in encrypted attacks in healthcare.

Intrusion Attempts

Intrusion attempts increased by 18% worldwide in H1 2022, however, the number of malicious intrusions dropped by 19%. In North America, there was a rise in intrusion attempts yet the attacks seem to have reached the maximum in June. Intrusion attempts grew by 39% in the healthcare sector, 46% in government, and 200% in the retail industry. Despite these surges, the H1 2022 statistics are less than in 2021.