Cyber Threat Report highlights large increase in Internet of Things malware in 2023
- Published: Wednesday, 01 March 2023 09:36
SonicWall has published the 2023 SonicWall Cyber Threat Report. The bi-annual report details an increasingly diversified cyber attack landscape amid shifting threat actor strategies. SonicWall recorded a dip in global ransomware volume but saw an 87 percent increase in Internet of Things (IoT) malware. Bad actors are likely to be probing soft targets to leverage as potential attack vectors into larger organizations, says the report.
Threat actors shift strategies
Global malware volume increased two percent year-over-year, but it was jumps in IoT malware (+87 percent) and cryptojacking (+43 percent) that offset the decline of overall global ransomware volume (-21 percent), signifying a strategic shift. Threat actors have embraced slower and more stealthy approaches to achieve financially-motivated cyber attacks.
In addition to cyber attacks becoming more sophisticated and covert, threat actors are showing clear preferences for certain techniques, with notable shifts toward weak IoT devices, cryptojacking, and potentially soft targets like schools and hospitals.
Prominent ransomware attacks impacted enterprises, governments, airlines, hospitals, hotels, and even individuals causing widespread system downtime, economic loss, and reputational damage. Several industries faced large year-over-year increases of ransomware volume, including education (+275 percent), finance (+41 percent), and healthcare (+8 percent).
Although overall ransomware numbers saw a 21 percent decline globally, the total volume in 2022 was higher than 2017, 2018, 2019, and 2020. In particular, total ransomware in Q4 (154.9 million) was the highest since Q3 2021.
As mentioned above, total malware volume was up two percent in 2022 after three straight years of decline - as SonicWall predicted in the 2022 SonicWall Cyber Threat Report. Following that trend, Europe as a whole saw increased levels of malware (+10 percent) as did Ukraine, which had a record 25.6 million attempts, suggesting malware was used heavily in regions impacted by geopolitical strife. Interestingly, malware was down year-over-year in key countries like the US (-9 percent), UK (-13 percent), and Germany (-28 percent).