The Year of Ransomware

11/4/2021 Ray Wyman

H1The Year of Ransomware
H2According to SonicWall, with 495 million known ransomware attacks so far this year, 2021 is now on track to be the worst ever recorded.

The Year of Ransomware

According to SonicWall, with 495 million known ransomware attacks so far this year, 2021 is now on track to be the worst ever recorded.

The ransomware juggernaut is still rolling through global networks at ever-increasing speed and accuracy. Threat actors are battering through surprisingly weak cybersecurity defenses of some well-known and essential businesses and government agencies. To say that these hacks are causing problems and consternation threatens to be a gross understatement. These cyberthreats are global, catastrophic and potentially deadly.

A 148% Increase in the Number of Attacks

Meanwhile, SonicWall was back in the news with a new report titled The Year of Ransomware. The stunning headline is backed up with an updated third-quarter tally that shows ransomware attacks increased by 148%. With 495 million known ransomware attacks, 2021 is now the worst ever recorded. Additionally, SonicWall confidently forecasted that the year could end with 714 million ransomware attacks.

The report concludes a 33% rise in IoT malware attacks worldwide, the most prevalent being in the US and Europe. There was also a 21% increase in cryptojacking in the US, with Europe inundated with a massive 461% growth.

Growing Concern: A 73% Increase in Unique Malware Variants

The company goes on to note that its customers experienced 1,748 ransom attempts during the third quarter. Put another way, there were 9.7 ransomware attempts per customer for each and every business day. But the most troubling aspect of that incredible number is that SonicWall claims that they detected 307,516 “never-before-seen” malware variants — a 73% increase over previous years. 

SonicWall’s method to arrive at this number is their patented RTDMI™ (Real-Time Deep Memory Inspection) technology in its cloud-based Capture Advanced Threat Protection (ATP) sandbox service. Among several patented innovations, RTDMI leverages memory inspection and CPU instruction-tracking with machine-learning capabilities. As a result, the system efficiently recognizes and mitigates cyberattacks, including threats that do not initially show malicious behavior.

This rise in variants points to a growing ability for cybercriminals to rapidly diversify the software they use to attack networks and computers. Coupled with a constant flood of attacks, businesses and individuals will find it increasingly difficult to protect themselves.

A Rise in Other Attacks as Well

Recently, the trade organization that represents and supports telecoms in the UK, the Comms Council UK, says that cybercriminals are also targeting their members with DDoS (distributed denial of service) attacks as an additional means of extorting money. 

The organization reports that the incursions appear to be coordinated and extortion-focused, adding that the UK telecom industry has never seen anything like it.

Previously, DDoS attacks were often considered an unsophisticated “blunt instrument” for an attack. However, unless an organization is fully equipped with the latest cybersecurity technology, this kind of attack can be devastating, even if it’s only partially successful. And now, it seems, companies could be held for ransom from this vector as well. 

A Nearly Unimaginable Upward Trend

The 190.4 million ransomware attacks in the third quarter are the highest ever recorded by SonicWall. Additionally, the statistic nearly eclipses the 195.7 million total ransomware attacks recorded during the first three quarters of 2020.

“As we see it, ransomware is on a nearly unimaginable upward trend, which poses a major risk to businesses, service providers, governments and everyday citizens,” said SonicWall President and CEO Bill Conner. 

Despite movements to secure infrastructures, the UK has seen a 233% surge in the number of ransomware attacks, and the US has witnessed a 127% year-to-date increase.

A Grace Period Comes to an Abrupt End

As the sheer volume of attacks illicit words like “global crisis,” “ruthless,” and “a significant national security threat,” people appear to be content to restore a sense of normalcy. And yet, the crisis continues unabated.

“Cybercriminals have never let up, driving ransomware campaigns to record numbers through the first three quarters of 2021,” said Conner. “These criminal organizations will continue to launch highly sophisticated cyberattacks that are designed to target organizations and business with weak or lax security controls.”

Conner has a point. With the flood of attacks from all directions, companies and governments will find it increasingly challenging to protect their networks and assets with old or out-of-date security.

The real-world damage we’re experiencing is far beyond anecdotal. We’re literally staring down the avenue of a global crisis that has already taken a severe toll on businesses and governments everywhere. 

The only thing we can conclude is that any grace period we may have enjoyed from having to enforce stricter cybersecurity has ended abruptly.

“The techniques deployed by ransomware actors have evolved well beyond the smash-and-grab attacks from just a few years ago,” said SonicWall Vice President of Platform Architecture Dmitriy Ayrapetov. “Today’s cybercriminals demonstrate deliberate reconnaissance, planning and execution to surgically deploy toolchains targeting enterprise and government infrastructure. This results in larger victims and leads to higher ransoms.”