Aggressive growth in ransomware, rise in IoT attacks, SonicWall research finds

Bill Conner of SonicWall

SonicWall Capture Labs threat researchers has unveiled third-quarter threat intelligence collected by the company’s more than 1 million global security sensors.

In a Year-to-date findings through September 2020 highlight cyber criminals’ growing use of ransomware, encrypted threats and attacks leveraging non-standard ports, while overall malware volume declined for the third consecutive quarter.

“For most of us, 2020 has been the year where we’ve seen economies almost stop, morning commutes end and traditional offices disappear,” says SonicWall president and CEO, Bill Conner. “However, the overnight emergence of remote workforces and virtual offices has given cybercriminals new and attractive vectors to exploit. These findings show their relentless pursuit to obtain what is not rightfully theirs for monetary gain, economic dominance and global recognition.”

SonicWall capture labs key findings include:

  • 39% decline in malware (4.4 billion YTD); volume down for third consecutive quarter
  • 40% surge in global ransomware (199.7 million)
  • 19% increase in intrusion attempts (3.5 trillion)
  • 30% rise in IoT malware (32.4 million)
  • 3% growth of encrypted threats (3.2 million)
  • 2% increase in cryptojacking (57.9 million)

Malware volume dipping as attacks more targeted, diversified

While malware authors and cybercriminals are still busy working to launch sophisticated cyberattacks, SonicWall research concludes that overall global malware volume continues steadily decline in 2020. In a year-over-year comparison through the third quarter, SonicWall researchers recorded 4.4 billion malware attacks, a 39% drop worldwide.

Regional comparisons show India (-68%) and Germany (-64%) have once again seen a considerable drop-rate percentage, as well as the United States (-33%) and the United Kingdom (-44%). Lower numbers of malware do not mean it is going away entirely. Rather, this is part of a cyclical downturn that can very easily right itself in a short amount of time.

Ransomware erupts, ryuk responsible for a third of all attacks

Ransomware attacks are making daily headlines as they wreak havoc on enterprises, municipalities, healthcare organisations and educational institutions. SonicWall researchers tracked aggressive growth during each month of Q3, including a massive spike in September. While sensors in India (-29%), the U.K. (-32%) and Germany (-86%) recorded decreases, the U.S. saw a staggering 145.2 million ransomware hits, a 139% YoY increase.

Notably, SonicWall researchers observed a significant increase in Ryuk ransomware detections in 2020. Through Q3 2019, SonicWall detected just 5,123 Ryuk attacks. Through Q3 2020, SonicWall detected 67.3 million Ryuk attacks a third (33.7%) of all ransomware attacks this year.

“What’s interesting is that Ryuk is a relatively young ransomware family that was discovered in August 2018 and has made significant gains in popularity in 2020,” says SonicWall vice president, platform architecture, Dmitriy Ayrapetov. “The increase of remote and mobile workforces appears to have increased its prevalence, resulting not only in financial losses, but also impacting healthcare services with attacks on hospitals.

“Ryuk is especially dangerous because it is targeted, manual and often leveraged via a multi-stage attack preceded by Emotet and TrickBot malware. Therefore, if an organisation has Ryuk, it’s a pretty good indication that its infested with several types of malware.”

SonicWall Capture Advanced Threat Protection (ATP), with patent-pending Real-Time Deep Memory InspectionTM (RTDMI), protects against all Emotet, TrickBot and Ryuk ransomware variants in real time.

IoT dependency grows along with threats

COVID-19 led to an unexpected flood of devices on networks, resulting in an increase of potential threats to companies fighting to remain operational during the pandemic. SonicWall Capture Labs found a 30% increase in IoT malware attacks, a total of 32.4 million world-wide.

Most IoT devices including voice-activated smart devices, door chimes, TV cameras and appliances were not designed with security as a top priority, making them susceptible to attack and supplying perpetrators with numerous entry points.

“Employees used to rely upon the safety office networks provided, but the growth of remote and mobile workforces has extended distributed networks that serve both the house and home office,” says Conner. “Consumers need to stop and think if devices such as AC controls, home alarm systems or baby monitors are safely deployed. For optimum protection, professionals using virtual home offices, especially those operating in the C-suite, should consider segmenting home networks.”

SonicWall threat intelligence data also concluded that while cryptojacking (57.9 million), intrusion attempts (3.5 trillion) and IoT malware threats (32.4 million) are trending with first-half volume reports, they continue to pose a threat and remain a source of opportunity for cybercriminals.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more