SonicWall
Newsroom SonicWall: Record 304.7 Million Ransomware Attacks Eclipse 2020 Global Total in Just 6 Months

SonicWall: Record 304.7 Million Ransomware Attacks Eclipse 2020 Global Total in Just 6 Months

  • Ransomware showed massive year-to-date spikes in the U.S. (185%), U.K. (144%)
  • Ryuk, Cerber, SamSam top families of the year, making up 64% of all ransomware volume
  • Government, education, healthcare, retail verticals increasingly targeted by ransomware
  • Up 59% year-to-date globally, IoT malware continues growth since 2018
  • Cryptojacking malware remains a key threat, up 23% year-to-date globally and up 22% in the U.S.
  • SonicWall’s patented RTDMI™ finding more never-before-seen malware than ever, posting a 54% year-to-date increase over the first half of 2020

MILPITAS, Calif. — JULY 29, 2021 — In the first half of 2021, ransomware attacks skyrocketed, eclipsing the entire volume for 2020 in only six months, according to the mid-year update to the 2021 SonicWall Cyber Threat Report published today. In a new paradigm for cybercrime, SonicWall is analyzing how threat actors are using any means possible to further their malicious intents.

With high-profile attacks against established technology and infrastructure, ransomware is now more prevalent than ever. Through the first half of 2021, SonicWall recorded global ransomware volume of 304.7 million, surpassing 2020’s full-year total (304.6 million) — a 151% year-to-date increase.

“In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions,” said SonicWall President and CEO Bill Conner. “This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord. With remote working still widespread, businesses continue to be highly exposed to risk, and criminals are acutely aware of uncertainty across the cyber landscape. It’s crucial that organizations move toward a modern Boundless Cybersecurity approach to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever.”

Ransomware running rampant
After posting record highs in both April and May, SonicWall recorded another new high of 78.4 million ransomware attacks in June 2021 alone. Ransomware volume showed massive year-to-date spikes in the U.S. (185%) and the U.K. (144%). Accounting for 64% of all recorded ransomware attacks, Ryuk, Cerber and SamSam were the top three ransomware families in the first half of the year, as recorded by SonicWall Capture Labs.

The top five regions most impacted by ransomware in the first half of 2021 were the United States, United Kingdom, Germany, South Africa and Brazil. Across the U.S., the five hardest-hit states were Florida (111.1 million), New York (26.4 million), Idaho (20.5 million), Louisiana (8.8 million) and Rhode Island (8.8 million).

“The continued rise of ransomware, cryptojacking and other unique forms of malware targeted at monetization, along with their evolution of tactics, are evidence that cybercriminal activity always follows the money and rapidly adapts to new opportunities and changing environments,” said SonicWall Vice President of Platform Architecture Dmitriy Ayrapetov.

In line with spikes in global data, SonicWall Capture Labs threat researchers also recorded alarming ransomware spikes across key verticals, including government (917%), education (615%), healthcare (594%) and retail (264%) organizations.

Patented RTDMI finding, blocking more never-seen-before variants than ever
In the fight against known and unknown threats, SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMI) identified record numbers of never-before-seen malware, posting a 54% year-to-date increase over the first half of 2020.

RTDMI technology blocks more advanced and unknown malware compared to traditional behavior-based sandboxing methods, and with a lower false-positive rate. This can be seen in the latest ICSA Labs Advanced Threat Defense (ATD) Q2 test results, where the SonicWall Capture Advanced Threat Protection (ATP) service with RTDMI detected 100% of previously unknown threats with zero false positives across 33 consecutive days of testing.

In its most recent test administered in the second quarter of 2021, ICSA conducted a total of 1,144 tests against Capture ATP, with a mixture of 544 new and little-known malicious samples and 600 innocuous applications. Capture ATP correctly identified 100% of malicious samples while allowing all clean samples through. It was the sixth consecutive ICSA ATD certification for Capture ATP, and second ‘perfect score’ in as many quarters.

“Third-party validation is hard earned, particularly in today’s fast-moving threat landscape,” said SonicWall Vice President of Software Engineering & Threat Research Alex Dubrovsky. “Consecutive perfect certifications is a testament to the SonicWall team and our continued quest to arm organizations with intelligence and technology that help protect them from the most dangerous cyber threats.”

Malware continues to fall, non-standard port attacks down
Last year, SonicWall recorded a drop in global malware attacks, a trend that continued in the first half of 2021 with a 24% drop in malware volume worldwide. As threat actors become more sophisticated — using ransomware, cryptojacking and other types of cyberattacks to launch surgical strikes — the need for “spray-and-pray” malware attempts has lessened, decreasing overall volume.

Malware attacks via non-standard ports also fell in 2021 after hitting record highs in 2020. These attacks, which aim to increase payloads by bypassing traditional firewall technologies, represent 14% of all malware attempts in the first half of 2021, down from 24% year to date.

Cryptojacking malware remains a concern
After having made an unexpected revival in 2020, cryptojacking malware continued to climb through the first half of 2021 as cryptocurrency prices remain high. From January to June, SonicWall threat researchers recorded 51.1 million cryptojacking attempts, representing a 23% increase over the same six-month period last year.

Europe was particularly ravaged, recording a 248% year-to-date rise in cryptojacking malware. This increase highlights the volatile shifts of a market cybercriminals have come to leverage due to their high desire for online anonymity when it comes to lucrative payouts.

IoT vector continues to serve threats
Last year, employees packed their belongings and went home in droves, introducing millions of new devices to the network and millions of openings for cybercrime. This year, Internet of Things (IoT) malware attacks have continued to increase, rising 59% year-to-date globally, a trend stemming back to 2018.

While the U.S. saw a slightly smaller 15% year-to-date increase in IoT malware, Europe and Asia also saw alarming rises of 113% and 190%, respectively, in IoT malware volume.

SonicWall Capture Labs threat researchers collect and analyze threat intelligence data from 1.1 million sensors in over 215 countries and territories. This includes cross-vector, threat-related information shared among SonicWall security systems, including firewalls, email security devices, endpoint security solutions, honeypots, content filtering systems and the SonicWall Capture Advanced Threat Protection (ATP) multi-engine sandbox; SonicWall internal malware analysis automation framework; malware and IP reputation data from tens of thousands of firewalls and email security devices around the globe; and shared threat intelligence from more than 50 industry collaboration groups and research organizations.

To download the full mid-year update of the 2021 SonicWall Cyber Threat Report, please visit www.sonicwall.com/threatreport.

About SonicWall
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Latest Stories

" alt="" />
November 6, 2024

SonicWall Unveils TZ80: Empowering Service Providers to Deliver Comprehensive Security, Remote Access and Networking Solutions for Branch Offices and SOHO

More Than a Firewall: SonicWall Introduces Integrated Cybersecurity Platform with the TZ80 at the Core of the Market’s Next-Gen SOHO Solution, Featuring: Industry-First Warranties, Cloud Native VPN, Firewall Management and Flexible Pricing MILPITAS, Calif. — November 7, 2024 — SonicWall announced today the launch of the TZ80, a groundbreaking security solution designed specifically for branch offices and small office/home office (SOHO) environments. With its comprehensive, cost-effective package of networking, access, and security solutions, the TZ80 is a subscription-based device designed for service providers and value-added resellers (VARs) – and is set to revolutionize the way they deliver cybersecurity. The SonicWall TZ80 combines performance and price and provides industry leading networking and security capabilities, with advanced threat protection at a low total cost of ownership (TCO), making the TZ80 ideal for branch offices with remote workers, SOHO, IoT, and businesses with small form-factor requirements. This best-in-class firewall platform features built-in integration with cloud-native zero trust network access (ZTNA) and VPN as a service (VPNaaS) for hybrid environments and is backed by world-class technical support, available firewall management and network monitoring, and an industry-first cyber threat warranty. “The TZ80 is more than a firewall; it embodies the future of cybersecurity for managed service providers and their customers,” said SonicWall President and CEO Bob VanKirk. “With this launch, we’re transforming network security by integrating on-premise, hybrid, and cloud technologies into a cohesive solution. Our unified approach enhances security and performance while protecting customer data with modern cloud management and backed by expert services to keep our partners secure in today’s evolving threat landscape.” MSPs can complement their existing firewall monitoring and network operations center (NOC) to enhance their services with SonicWall’s managed security services, who work behind the scenes as a force multiplier for SonicWall partners. The Managed Protection Services Suite (MPSS) bundle provides management for TZ80 devices, with remote implementation, firmware and vulnerability management, and system health monitoring to help MSPs ensure that their customers employ best practices and stay up-to-date for the highest level of protection in today’s threat landscape. “We’ve been looking for a solution like the TZ80, and it’s exciting to see SonicWall deliver precisely what we need,” said President/CEO and SonicWall partner Brian A. Reed of Firewalls.com. “This opens up significant opportunities in the SOHO market for us, and the bundled cloud native VPN adds tremendous value, while the pay-as-you-go model makes it even more accessible. Additionally, the MPSS bundle enhances our offering and helps us stay focused on the core of our business, ensuring our clients stay secure.” To further enhance the value proposition, SonicWall will offer industry-first cybersecurity warranties for the TZ80 and other SonicWall front-line defense products certified by Cysurance. These warranties will help supplement insurance coverage by providing cash for covering deductibles or other out of pocket expenses before insurance kicks in. SonicWall will offer warranties for the TZ80 and other certified products as follows: $100K for a qualifying firewall $200K for a qualifying managed firewall Additionally, SonicWall is excited to introduce its latest and new "3 & Free" promotion. This promotion includes cloud native VPN licenses along with a free next-gen firewall. When purchasing a 3-year Advanced Protection Services Suite (APSS) or Essential Protection Services Suite (EPSS) customers get more than just free firewalls - they also gain comprehensive protection from latest cyber threats. SonicWall remains dedicated to equipping its partners with the tools they need to deliver security outcomes in a rapidly evolving cybersecurity landscape. The TZ80 represents a significant leap forward in delivering scalable, and integrated security solutions via our MSPs for branch offices and SOHO environments. To learn more about SonicWall’s TZ80, the full offering, new warranties and promotions please visit https://www.sonicwall.com/products/firewalls/soho. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />

Infinigate and SonicWall Expand Partnership Across Eastern Europe

SonicWall and Infinigate extend their successful collaboration to cover the Eastern European region, including Balkan countries.   Rotkreuz, Switzerland – November 6, 2024: The Infinigate Group, the leading technology platform and trusted advisor in cybersecurity, cloud and network infrastructure, and SonicWall, a leading cybersecurity innovator and partner-first company, are extending their partnership across Eastern Europe. Infinigate will distribute SonicWall’s entire advanced portfolio of network and endpoint security, Cloud Secure Edge (CSE) and Managed Security Services (MSS) offering channel partners effective solutions to meet the ever-evolving requirements of a broad customer base – from SMB through to enterprise organisations. Spencer Starkey, Executive Vice President at SonicWall said: “The Eastern European market presents a strong opportunity for growth and Infinigate, in view of our long-standing successful collaboration and their reach and experience in this geographical area, is absolutely the right distribution partner for us. Being a channel-first organisation, we value Infinigate’s specialist focus and their technical and market knowledge.” Protecting your business from escalating cyber-attacks has become a priority, as illustrated in Sonic Wall’s 2024 Mid-Year Cyber-Threat Report. Ransomware is on the rise in the Americas, while EMEA is pulling the global numbers down, suggesting improved cybersecurity measures and law enforcement interventions are having a positive impact. “We are delighted to build on our long-standing success with SonicWall and leverage the full potential of this growing region, where cybersecurity is high on the agenda, as illustrated by the NIS2 readiness statistics,” said Denis Ferrand Ajchenbaum, Chief Growth Officer at Infinigate Group and Managing Director of Infinigate Cloud. “As a leading Managed Security Services Distributor, we value SonicWall’s range of managed security services that considerably strengthen our offering in the region,” he added. Doru Manea, RVP East at Infinigate commented: Doru Manea, RVP East at Infinigate, commented: “Bringing SonicWall into our regional portfolio strengthens our ability to support our channel partners across Eastern Europe. With SonicWall’s expertise in cybersecurity, we can better equip our partners to meet the security needs of businesses in this market. Our channel reach and the strong cybersecurity culture in the region are a solid basis for our shared success” About Infinigate The Infinigate Group, the leading technology platform and trusted advisor in Cybersecurity, Cloud & Network Infrastructure covers over 100 countries across EMEA, Australia and New Zealand. In the 2023-2024 financial year the Infinigate Group revenue reached 2.3B€. Our focus and deep technical expertise on cybersecurity, secure networks and secure cloud for SMB and enterprise set us apart. Our 1,250 employees provide locally tailored services complementing a robust central supply chain, sparking growth for our partners, MSSPs and vendors. In 2022, Starlink, Vuzion (now Infinigate Cloud) and Nuvias became part of the Infinigate Group. In 2024, Wavelink became an Infinigate Group company, adding coverage for the Australian and New Zealand (ANZ) market. For additional information please visit www.infinigate.com About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
October 31, 2024

Government Organizations Face Surge in Malware and DDoS Attacks, Raising Alarms Over Potential Election Disruption

Newest report highlights some escalating risks to critical infrastructure as election day approaches MILPITAS, Calif. — October 31, 2024 — SonicWall released its latest threat brief focused exclusively on governments, reporting a staggering 236% year-over-year increase in malware-related attacks against government organizations globally during the first quarter of 2024. This alarming trend coincides with a notable 27% rise in attacks in the month leading up to the upcoming election, underscoring the urgent need for enhanced security measures. SonicWall's comprehensive threat intelligence reveals a 33% increase in attacks related to the software supply chain since the start of the year. Additionally, DDoS (Distributed Denial of Service) attacks are on track to surpass last year's figures by 32% - underscoring the escalating risks to critical infrastructure as election day approaches. “As attackers continue to attack critical government services and election-related systems, the importance of multi-layered cybersecurity measures cannot be overstated,” said Executive Director of Threat Research Doug McKee. "In a rapidly evolving threat landscape, the stakes have never been higher. We must  embrace cross-industry collaboration and threat intelligence information sharing  to ensure the integrity of our electoral processes and protect our vital infrastructure from those seeking to exploit  these systems. "  Rising Threats to Election Security The recent Hezbollah pager supply chain attack serves as a stark reminder of how easily everyday devices can be exploited to launch significant cyberattacks. As attackers target seemingly innocuous devices lacking stringent security protocols, the risk extends to critical election infrastructure. For instance, compromised IP cameras, frequently utilized at polling locales, could be weaponized or compromised to disrupt essential operations. SonicWall data highlights the pressing need for vigilance, as the company has successfully thwarted over 12.9 million attacks targeting IP cameras this year alone. These devices, often overlooked in cybersecurity strategies, present an enticing entry point for cybercriminals aiming to undermine public trust in the electoral process.  The Vulnerability of IoT Devices The growing reliance on Internet of Things (IoT) devices within government operations raises significant concerns. Many of these devices, including security systems and smart sensors, lack robust defenses, making them attractive targets for malicious actors. SonicWall emphasizes the urgent need for organizations to implement rigorous security measures to protect against the exploitation of vulnerable devices. The potential consequences of these vulnerabilities extend far beyond traditional cybersecurity threats, threatening the integrity of national infrastructure and electoral security. Call to Action As the election approaches, SonicWall urges government organizations to prioritize cybersecurity by strengthening their defenses against malware and DDoS attacks. By implementing advanced security solutions and enhancing awareness of IoT vulnerabilities, organizations can better safeguard their operations against these escalating threats. For more information about SonicWall and see the Government Threat Brief, please visit https://www.sonicwall.com/resources/brief/2024-threat-brief-government. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
September 25, 2024

SonicWall Report Details 14 Million Victims of Malware Breaches in the U.S. Healthcare Sector

SonicWall discovers 91% of healthcare breaches involve ransomware in 2024 - underscoring the urgent need for improved cybersecurity and strong partnerships with MSPs/MSSPs MILPITAS, Calif. — September 26, 2024 — SonicWall today unveiled a 2024 SonicWall Threat Brief, focused exclusively on the healthcare industry and is based on extensive research from SonicWall Capture Labs. The report reveals that a minimum of 14 million patients in the U.S. have fallen victim to malware breaches in this sector. Despite SonicWall sensors successfully preventing over 26,000 attacks, the findings underscore that healthcare organizations, due to their essential operations and potential for financial gain, remain prime targets for ransomware. Many healthcare organizations operate with limited cybersecurity resources and often rely on outdated technology – making them susceptible to ransomware attacks. SonicWall also determined that an astounding 60% of vulnerabilities were leveraged against Microsoft Exchange. "Understanding the threat landscape is crucial for the healthcare industry to effectively defend against cyberattacks,” said Executive Director, Threat Research at SonicWall Doug McKee. “As ransomware evolves and targets sensitive patient data, organizations must stay informed about emerging threats and vulnerabilities. By equipping themselves with knowledge and robust security measures, healthcare providers can better protect their critical operations and ensure the safety of patient information." Disrupting access to patient data or medical systems can have life-threatening consequences. Because of this, healthcare organizations are more likely to pay ransoms to restore operations quickly. In 2024, ransomware was leveraged in 91% of malware-related data breaches in the healthcare sector, with Lockbit emerging as one of the most notorious ransomware groups targeting this industry. The increasing digitalization of health records and telehealth services further expands the attack surface, making it nearly impossible for healthcare organizations to go it alone. Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) should play a vital role in the healthcare industry by delivering specialized expertise and resources that many organizations lack. As cyber threats become increasingly sophisticated, MSPs/MSSPs can implement robust security measures, monitor systems in real-time, and ensure compliance with regulatory standards. Their proactive approach to cybersecurity helps healthcare providers defend sensitive patient data, minimize downtime, and focus on delivering quality care, ultimately enhancing the resilience of the entire healthcare ecosystem. To learn more about SonicWall’s finding in its 2024 SonicWall Threat Brief, please visit www.sonicwall.com/resources/brief/2024-threat-brief-healthcare. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram. About SonicWall Capture Labs SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

Read More
Follow Us

© 2024 SonicWall. All Rights Reserved.

Company
Popular resources
Subscribe to newsletter

Stay In Touch

  • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.