As part of our partnership with SonicWall, we have been focusing on cyber threats, and the current trends in cybercrime, to make sure we are offering the most effective security services. With this, SonicWall has produced a Cyber Threat Report outlining their latest threat intelligence, including stealthier threat actor behaviours and the diversification in the cyberattack strategies being used today.
In recent years, cybercriminals groups have been becoming more and more corporatised, even marketing themselves to become more widely known, be taken more seriously and to build a reputation for “fair” dealings with victims. Smaller groups have also borrowed the branding of larger groups on occasion, hoping to capitalise on their brand recognition.
But despite their attempts to feign legitimacy, government and law enforcement have upped efforts to combat the problem of cyber-criminality. Whilst this increased focus will not stop the issue outright, we have seen threat actors change their behaviours. Increasingly we are seeing them move away from more public facing operations to lower-risk activities such as cryptojacking, IoT malware and encrypted threats.
Whilst malware remained essentially flat (falling just two percent compared with the first half of 2022), there has still been plenty of change under the surface. Out of a global 2.7 billion hits, North America saw 1.3 billion and was the only region to record a decrease. Conversely, Europe and LATAM saw double-digit growth, the suggestion being that cybercriminals are moving their focus to other areas.
Education and finance industries saw larger increases in malware, however none of the industries examined showed a decrease.
Ransomware decreases are expected with changing trends and a greater cybercriminal focus on operating under the radar. And with a 41% decrease in attack volumes in the first half of 2022, you would be forgiven for thinking that the criminal groups are moving away from ransomware permanently, but SonicWall doesn’t think so. Whilst the year-to-year trend line still shows a decline, monthly, there has been a ransomware rise, with a second quarter 74% higher than the first.
Cryptojacking has seen the biggest rise by an attack type, taking the place of ransomware. The number of cryptojacking hits reached 332 million in the first half of 2023, which is a 399% rise up to the midpoint of this year. This record high could see cryptojacking hits for this year amass more than all other years combined.
SonicWall Capture Labs threat researchers have seen a continued rise in the amount of IoT malware in the first half of 2023, jumping 37% to 77.9 million. If this continues, the number of IoT malware attacks will overtake last year’s total, which was the previous record high.
North America saw a slight, 3% decrease in attacks, yet there were three digit jumps across Asia and Latin America. India, in particular, saw IoT malware skyrocket 311%.
Attacks involving malicious PDFs dropped 10% in the first six months of 2023, but there was a bigger increase in the use of malicious Microsoft Office file. Those attacks fell 75% compared with the same time period in 2022. Some of this decrease may be due to Microsoft’s recent efforts to increase security, but time will tell whether this is a sustained downturn or whether cybercriminals make inroads around these new restrictions.
“The seemingly endless digital assault on the enterprise, governments and global citizens is intensifying and the threat landscape continues to expand,” said SonicWall President and CEO Bob VanKirk. “Threat actors are relentless, and as our data indicates, more opportunistic than ever before, targeting schools, federal governments and retail organizations at unprecedented rates. The 2023 SonicWall Mid-Year Cyber Threat Report helps us understand both the criminal mindset and behaviour, which will in turn help organizations protect themselves and build stronger defences against malicious activities.” Read the full report here.
With this information and our continued collaboration with SonicWall, we are able to keep our security services at the cutting edge, protecting our clients and their information. If you would be interested in the full report, that can be found here, and if you are looking to upgrade or update your IT security, please get in touch with us at Vissensa.