"Relentless" may best describe ransomware combatants and is indicative of cybercrime syndicates’ morphing trajectories of attack and multiple extortion plots to maximize damage inflicted on organizations. Think of it as a malevolent Groundhog Day re-lived over and over with no lasting effect.
On the one hand, it describes a sense of satisfaction cyber defenders get from successfully thwarting attackers, while on the other hand, it conveys how difficult it is to brawl against non-stop, well-armed aggressors.
Last year, by many accounts, ransomware actors intensified their operations, aiming at high-profile, data rich targets such as critical infrastructure, hospitals, schools and government agencies. In the last year alone, ransom payment amounted to an astronomical $1.1 billion, by one audit, roughly twice as much as the year before.
Further evidence of the swirling cyber landscape comes from SonicWall’s recently published 2024 Annual Cyber Threat Report. The channel-first cybersecurity vendor found that while ransomware attacks overall slid 36% last year, the second half of the year showed a 27% upward spike peaking at 37% growth during the third quarter of 2023, suggestive of a “relentless” rebound. Last year marked the third year in a row the company measured a decline in ransomware attacks.
317 Million Ransomware Attacks Recorded
While SonicWall’s threat researchers recorded more than 317 million ransomware attacks, a 36% year-over-year slide, it was still the third-highest total on record.
The 14-page report is intended to help partners “build data-driven solutions to keep customers safe,” SonicWall said, calling 2023 “a year of volatile, adaptive and creative digital threats.” Threat actors, the report said, “continue to be relentless in their assault, leaving organizations looking for another layer of defense.”
Bob VanKirk, SonicWall president and CEO, said in a statement that partners need “proactive strategies and actionable insights” based on current threat intelligence in addition to proven solutions.
“Security professionals need assistance to cope with the overwhelming volume of cyberattacks and protect from the endpoint to the cloud,” he said. “Especially as the cloud becomes an indispensable reality for businesses, the role of MSPs is shifting from technical maintenance to raising the bar on their customers' security posture.”
Beyond Ransomware
SonicWall’s data showed a distinct “acceleration” in volume of attacks “nearly across the board,” the report said. For example, malware jumped 11% year-over-year, with encrypted threats up 117% and cryptojacking up 659%.
In addition to ransomware, the SonicWall review provided data about other cyberattacks in 2023:
- Malware. Total global malware volume rose 11% in 2023, with Latin America and the U.S. logging the biggest jumps (+30%) and (+15%), respectively. Europe saw a (-2%) decrease, with the UK seeing the steepest decline of -28%.
- IoT exploit. Global volume rose 15%, as connected devices continue to rapidly multiply. Bad actors are targeting weak points of entry as potential attack vectors into organizations.
- Encrypted threats. Encrypted threats spiked (+117%) globally.
Hackers moved on familiar targets in 2023, namely education, healthcare, retail and government. While malware attacks on schools dropped 3% last year, attacks targeting healthcare and retail rose 20% and attacks aimed at government agencies spiked 38%.
The finance sector was hardest-hit, as malware attacks on that vertical doubled. Most verticals experienced an increase in attacks during 2023, SonicWall found.
As for artificial intelligence, “Threat actors are steadily adopting ChatGPT and other generative AI technology to refine phishing attempts, carry out highly convincing business email compromise (BEC) attacks, and quickly writing malicious code,” SonicWall reported. “AI also holds great promise for the world’s defenders.”
SonicWall said that it has geared the report mostly toward small- to medium-sized businesses (SMBs) inasmuch as those companies comprise 80% of its end users.