Johannesburg, 05 Oct 2023
In the first half of 2023, cyber criminals exhibited a shift in their tactics, opting for quieter attacks rather than solely relying on or augmenting ransomware. This shift included the use of crypto-jacking, IOT malware and encrypted threats. The increased scrutiny from law enforcement, prominent arrests and improved security measures in the United States prompted threat actors to diversify their targets. They are now splitting their focus between high-profile targets, which offer substantial rewards, and softer targets such as educational institutions. This evolving threat landscape remains dynamic, and SonicWall is committed to monitoring these trends throughout the latter half of 2023 and beyond.
Record surge in crypto-jacking:
In 2022, crypto-jacking attacks exceeded 100 million for the first time. However, in the first six months of 2023, the volume of these attacks not only surpassed that record but nearly tripled it, surging by 399% to over 332 million attacks. This represents an unprecedented high and is expected to continue growing throughout 2023, potentially surpassing the cumulative volumes of all previous years combined. Notably, North American and European customers, along with those in government and education sectors, experienced significant spikes in crypto-jacking attacks in the first half of the year.
Ransomware decline with potential rebound:
While cyber criminals shifted their focus, ransomware attacks decreased by 41% to 140 million in the first half of 2023. However, it is important to note that ransomware attack volumes have not returned to pre-pandemic levels. Moreover, a 74% increase in attack volume from the first quarter to the second quarter suggests a potential rebound in the second half of the year. Some regions, including Germany and India, and certain industries, particularly government, saw a rise in ransomware attacks during this period.
Changes in malware landscape:
While overall malware volumes remained relatively stable compared to the same period in 2022, there were shifts in attack targets. The United States remained a major malware target, accounting for 1.3 billion out of 2.7 billion global attacks, although it experienced a 12% year-to-date decrease. Conversely, Europe and LATAM witnessed double-digit growth in malware attacks, indicating a redirection of cyber criminal attention. Education and finance sectors saw significant increases in malware attacks, with no industry reporting a decrease.
Rise in IOT malware:
IOT malware continued its upward trend in the first half of 2023, rising by 37% to 77.9 million attacks. This figure set a new record and suggests that 2023 may surpass the previous year's record of 112.3 million IOT malware attacks. The North American region was the only one to experience a decrease in IOT malware attacks, falling by 3%. This drop was offset by triple-digit surges in LATAM and Asia, with India witnessing a staggering 311% increase in IOT malware volume.
Decrease in malicious PDF and Office file attacks:
Attacks involving malicious PDFs declined by 10% during the first half of 2023, while attacks involving malicious Office files experienced a substantial 75% drop compared to the same period in 2022. Some of this decline may be attributed to Microsoft's recent security enhancements. It remains to be seen whether this trend will continue or if cyber criminals will adapt to overcome these new security measures.
Overall increase in intrusion attempts:
SonicWall recorded a total of 3.7 trillion overall intrusion attempts in the first half of 2023, representing a 21% year-to-date increase. However, despite the rise in total volume, intrusion attempts categorised as moderate and high severity decreased by 7% globally. Educational institutions were particularly targeted, with approximately 39% of these customers experiencing intrusion attempts each month, a notable increase from the same period the previous year.
“The bi-annual cyber threat report from SonicWall provides invaluable insights into the current threat landscape. As cyber security professionals, it is extremely important to stay up to date with latest trends,” states Ian Parker, Executive Product Manager at LOOPHOLD Security Distribution. “We highly recommend downloading the full report from our website and spending the time to analyse the information and statistics provided.”
Please feel free to download a copy from https://www.loophold.com/mid-year-2023-cyber-threat-report-sonicwall/.