SonicWall Report: Cryptojacking Soars as Cyberattacks Increase

SonicWall, a Milpitas, California-based cybersecurity company, has released its Mid-Year Cyber Threat Report, tracking tactical behaviors from digital threat actors.

According to the report, overall intrusion attempts were up, led by the highest year on record for global cryptojacking volume recorded by SonicWall, as threat actors shifted away from traditional ransomware attacks in favor of a stealthier means of malicious activities. The data suggests increased law enforcement activity, heavy sanctions, and victims’ refusal to pay ransom demands have altered criminal conduct, and threat actors are targeting other means of revenue.

Cybercriminals are diversifying and expanding their skill sets to attack critical infrastructure, making the threat landscape even more complex and forcing organizations to reconsider their security needs. Despite the decline in global ransomware attempts (-41%), a variety of other attacks have trended up globally, including cryptojacking (+399%), IoT malware (+37%) and encrypted threats (+22%).

“SonicWall intelligence suggests that bad actors are pivoting to lower-cost, less risky attack methods with potentially high returns, like cryptojacking,” said SonicWall Vice President of Product Security Bobby Cornwell. “It also explains the reason we’re seeing higher levels of cybercrime in regions like Latin America and Asia. Hackers search for the weakest points of entry, with the lightest possible repercussions, limiting their risk and maximizing their potential profits.”

Prominent attacks continued to plague enterprises, cities, airlines, and even K-12 schools, causing widespread system downtime, economic loss, and reputational damage. While several industries followed the global trend of ransomware volume decline, they saw a huge growth in cryptojacking attacks: education (+320X), government (+89X) and healthcare (+69X).

According to the report, total global malware volume dipped slightly (-2%), in the first half of 2023, with the U.S. and U.K. logging the biggest dips – (-14%) and (-7%) respectively. Malware numbers climbed in every other tracked region. Europe saw an (+11%) increase, while Latin America malware jumped (+19%) – suggesting a geo-migration of threat actor behavior as they move from targeting traditional hotspots to more opportunistic locations.

Although overall ransomware numbers saw a 41% decline globally, Q2 suggests a potential rebound, as it spiked 73.7% when compared to Q1. Some countries still felt the sting of ransomware attacks as Germany increased (+52%) and India spiked a whopping (+133%).

Despite a dip in never-before-seen malware variants, the threat landscape remains complex, with almost 1,000 strains of new variants discovered each day.

Channel Impact^®
The data indicates that cybercriminals are more opportunistic than ever, targeting schools, state and local governments, and retail organizations at unprecedented rates. Channel partners should be aware of this expansion as they plan security strategies for their clients.