SonicWall, a leading provider of cyberattack intelligence and ransomware data, has released its bi-annual 2023 SonicWall Cyber Threat Report, which uncovers the increasingly diverse cyberattack landscape, with threat actors altering their strategies.
SonicWall recorded the second-highest year on record for global ransomware attempts, an 87% increase in Internet of Things (IoT) malware, and a record 139.3 million cryptojacking attacks in 2022.
“The past year reinforced the need for cybersecurity in every industry and every facet of the business, as threat actors targeted anything and everything, from education to retail to finance,” said SonicWall President and CEO Bob VanKirk. “While organisations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”
The global malware volume saw a 2% increase year-on-year, driven by an 87% surge in IoT malware and a 43% rise in cryptojacking. These increases offset a 21% decline in global ransomware volume, indicating a strategic shift towards slower, more covert methods for financially motivated cyberattacks.
“Cyberattacks are an ever-present danger for companies of all sizes, putting their operations and reputation on the line,” said SonicWall Threat Detection and Response Strategist Immanuel Chavoya. “It is crucial for organisations to understand attackers’ tactics, techniques and procedures (TTPs), and commit to threat-informed cybersecurity strategies to defend and recover successfully from business-disrupting events. This includes stopping sophisticated ransomware attacks as well as defending emerging threat vectors, including IoT and cryptojacking.”
Threat actors are increasingly focusing on weak IoT devices, cryptojacking, and potentially soft targets such as schools and hospitals. Ransomware attacks have significantly impacted various industries, with education experiencing a 275% increase, finance a 41% increase, and healthcare an 8% increase in ransomware volume.
“Organisations today face an evolving threat landscape where threat actors are finding new and creative ways to stay ahead of the enterprise,” said Debasish Mukherjee, Vice President, Regional Sales, Asia Pacific Japan at SonicWall. “Cyber risks and their impacts on organisations globally continue to dominate headlines and boardrooms. The 2023 SonicWall Cyber Threat Report helps elevate us as a credible source and strengthens our ability to provide sound security measures to our customers.”
The report predicts an increase in state-sponsored cyberattacks targeting a broader range of victims, including SMBs and enterprises, in 2023.
The 2023 SonicWall Cyber Threat Report highlights various cyber threats, including:
- Malware – In 2022, the total volume of malware increased by 2% after three consecutive years of drop, as predicted in the 2022 SonicWall Cyber Threat Report. Europe experienced a 10% rise in malware, while Ukraine saw a record 25.6 million attempts, indicating a heavy reliance on malware in areas affected by geopolitical unrest. The APAC region faced worsening cyber conditions, with all monitored metrics intensifying, including a 38% surge in malware. However, malware decreased year-on-year in key countries like the US (-9%), the UK (-13%), and Germany (-28%).
- Ransomware – Despite a 25% global decline in overall ransomware numbers, the total volume in 2022 surpassed that of 2017, 2018, 2019, and 2020. Notably, Q4 2022 ransomware figures (154.9 million) were the highest since Q3 2021.
- IoT Malware – The global volume of IoT malware increased by 87% in 2022, reaching 112 million hits by the end of the year. With no slowdown in the growth of connected devices, cybercriminals are likely targeting weak points to exploit as potential entryways into larger organisations.
- Apache Log4j – Intrusion attempts targeting the Apache Log4j ‘Log4Shell’ vulnerability exceeded 1 billion in 2022. The vulnerability was initially discovered in December 2021 and has been actively exploited ever since.
- Cryptojacking – The use of cryptojacking as a ‘low and slow’ tactic continued to rise, increasing by 43% globally, marking the highest number recorded by SonicWall Capture Labs researchers in a single year. In the APAC region, cryptojacking spiked by 129%, reshaping the international cyber landscape. The retail and financial industries experienced substantial increases in cryptojacking attacks, with respective year-over-year growth rates of 2810% and 352%
Furthermore, SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMITM) technology discovered 465,501 never-before-seen malware variants in 2022, a 5% year-over-year increase. Since 2019, this is the fourth consecutive year RTDMI has expanded its total malware discoveries.
For the complete 2023 SonicWall Cyber Threat Report, visit SonicWall.com/ThreatReport.
