Cybersecurity is a dynamic field, and each year brings the introduction of new attack vectors, shifts in favored targets, and refinements in cybercriminal techniques.

But very few years have brought the sort of change we saw in 2020.

“2020 offered a perfect storm for cybercriminals and a critical tipping point for the cyber arms race,” said SonicWall President and CEO Bill Conner in the official announcement. “The pandemic — along with remote work, a charged political climate, record prices of cryptocurrency, and threat actors weaponizing cloud storage and tools — drove the effectiveness and volume of cyberattacks to new highs. This latest threat intelligence offers a look at how cybercriminals shifted and refined their tactics, painting a picture of what they are doing amid the uncertain future that lies ahead.”

The year was bookended by two historic events: the COVID-19 pandemic and the SolarWinds supply-chain attack. The former brought disruption so deep it succeeded in changing something as basic as the very way we do work. The latter struck the IT world to its core, setting off a chain reaction that would impact thousands of businesses, pulling back the curtain on a type of breach impervious to virtually all existing defenses.

In between, cybercriminals ramped up their efforts, weaponizing cloud-based tools and driving many threat vectors to new levels. Too often, their prey consisted of those least equipped to bear it — remote workers unaware of the risks that exist outside the corporate perimeter, overwhelmed healthcare facilities, and schools and universities struggling to make the transition to remote learning.

SonicWall Capture Labs threat researchers were on hand to track these seismic shifts in real time, and we’ve compiled their insights in the 2021 SonicWall Cyber Threat Report. Here’s a preview of what they discovered:

Ransomware Sets New Record

Record highs in the price of Bitcoin helped push ransomware to new heights: SonicWall recorded a 62% year- over-year increase in the number of ransomware attempts.

Of particular concern was the number of attempts involving Ryuk, a newer but rapidly growing ransomware family that continues to gain new capabilities, as well as a sharp increase in the number of attacks on the healthcare industry.

Patented RTDMI More Formidable Than Ever

In 2020, SonicWall’s Real-Time Deep Memory Inspection^TM (RTDMI) technology discovered 268,362 ‘never-before-seen’ malware variants, up 74% year-over-year. While the ability to block unknown mass-market malware in real time is crucial, RTDMI can also mitigate devastating side-channel attacks, such as the recently discovered attack affecting Apple M1 chips.

IoT Malware Jumps 66%

The number of IoT devices has been on the rise for years, but the COVID-19 pandemic accelerated this trend, pushing the number of attacks up to 56.9 million — a 66% increase over 2019. In North America, this spike was even more pronounced: attacks there rose a staggering 152%.

Cryptojacking Carries On Without Coinhive

Bitcoin wasn’t the only form of cryptocurrency to skyrocket in 2020: Monero prices also rose, helping to push cryptojacking to a three-year high. Predictions of cryptojacking’s demise weren’t completely off base, however: Browser-based cryptojacking did show a significant drop, though the amount of file-based cryptojacking attempts more than made up for it.

Intrusion Attempts Rise, Attack Patterns Change

2020 saw malicious intrusion attempts jump 112% overall — but the nature of these attacks also changed. Directory Traversal attempts jumped from 21% to 34% of total malicious attempts, while RCE attempts lost steam, falling from 21% to 16%.