SonicWall has released the 2023 SonicWall Mid-Year Cyber Threat Report. The bi-annual report uncovers evolving tactical activity from digital threat actors as they develop different types of malicious attacks.
Overall intrusion attempts were up, led by the highest year on record for global cryptojacking volume, as threat actors shifted away from traditional ransomware attacks towards stealthier means of malicious activities. SonicWall data suggests that increased law enforcement activity, heavy sanctions, and victims’ refusal to pay ransom demands have altered criminal conduct; and threat actors are targeting other means of revenue.
Cybercriminals are diversifying and expanding their skill sets, making the threat landscape even more complex and forcing organizations to reconsider their security needs. Despite the decline in global ransomware attempts (-41 percent), a variety of other attacks have trended up globally, including cryptojacking (+399 percent), IoT malware (+37 percent) and encrypted threats (+22 percent).
“SonicWall intelligence suggests that bad actors are pivoting to lower-cost, less risky attack methods with potentially high returns, like cryptojacking,” said SonicWall Vice President of Product Security Bobby Cornwell. “It also explains the reason we’re seeing higher levels of cybercrime in regions like Latin America and Asia. Hackers search for the weakest points of entry, with the lightest possible repercussions, limiting their risk and maximizing their potential profits.”
Financially motivated threat actors continue to be successful despite challenges. They have pivoted to crimes with greater certainty of success but they will not abandon proven tactics like ransomware; they are simply shifting strategy by target rather than exiting altogether.
The 2023 Mid-Year SonicWall Cyber Threat Report provides insight on a range of cyber threats, including:
Malware: total global malware volume dipped slightly (-2 percent), in the first half of 2023, with the US and UK logging the biggest dips at -14 percent and -7 percent respectively. Surprisingly, malware numbers climbed in every other tracked region. Europe saw an 11 percent increase, while Latin America malware jumped +19 percent – suggesting a geo-migration of threat actor behavior as they move from targeting traditional hotspots to more opportunistic locations.
Ransomware: although overall ransomware numbers saw a 41 percent decline globally, Q2 suggests a potential rebound, as it spiked 73.7 percent when compared to Q1. Some countries still saw an overall increase, notably Germany (+52 percent) and India (+133 percent).
IoT malware: global volume rose 37 percent, totaling almost 78 million hits by the end of June. As connected devices continue to rapidly multiply, bad actors are targeting weak points of entry as potential attack vectors into organizations.
Encrypted threats: yet another quieter approach embraced by bad actors in the last six months was encrypted threats, which climbed 22 percent globally.