SonicWall: Pandemic creates a perfect storm for cyber criminals

Read time 3min 00sec

COVID-19 provided threat actors with ample opportunity for more powerful, aggressive and numerous attacks, thriving on the fear and uncertainty of remote and mobile workforces. Cyber criminals

This was revealed by the 2021 SonicWall Cyber Threat Report, which uses the SonicWall Capture Threat Network to gather information from over 1.1 million security sensors across 215 countries and territories. In addition, it uses the information gathered by SonicWall’s range of solutions, and threat intelligence from more than 50 industry collaboration groups and research organisations.

A perfect storm

2020 was full of vulnerable targets – from the remote workforces, largely unaware of the security implications and best practices tied to such a paradigm shift, to worried and confused populations, many of whom trusted almost anything claiming to offer more information about the pandemic, attackers found themselves in the middle of a “perfect storm” of opportunity.

Add to this a combination of cloud-scale infrastructure, the widespread availability of malicious tools such as PowerShell, Mimikatz and Cobalt Strike, and payments via anonymous crypto-currencies – and it’s easy to see how average cyber criminals have been able to inflict heavy-duty damage usually only associated with sophisticated nation-state campaigns.

A look at the numbers

The report reveals that attackers are weaponising cloud storage and advanced cloud-based tools to create record ransomware attack effectiveness and volume. In fact, ransomware skyrocketed with a 62% increase since 2019 with 304.6 million attacks.

In addition, SonicWall research shows that the shift to work from home could be directly linked to the increased use of Office files as malicious vehicles loaded with phishing URLs, embedded malicious files and other dangerous exploits. Data indicated a 67% increase in malicious Office files in 2020.

Crypto-jacking also rose to a three-year high thanks to rising crypto-currency values and their use for untraceable payouts. In 2020, crypto-jacking set records with a staggering 81.9 million hits – an increase of 28% from 2019’s 64.1 million total.

IOT malware rose by a whopping 66% as threat actors leveraged the COVID-19 pandemic, with researchers recording 56.9 million IOT malware attempts.

A lack of visibility

Malware experienced a sharp drop (-43%) from 2019, with 5.6 billion malware attacks, but SonicWalls cautions that this isn’t cause for celebration. 

“With many employees working from home, cyber security vendors are losing visibility into traffic, and potential attacks along with it, so this number may be much higher.”

In addition, the company says it has seen cyber crime numbers pushed up, in several cases to new records, and also recorded 268 362 'never-before-seen' malware variants in 2020, a 74% year-on-year increase.

‘When’ not ‘if’

Although it remains to be seen whether cyber crime’s perfect storm will continue to rage into this year, it’s already clear that the confluence of factors at work over the past year has pushed it to a new level, requiring increased security, vigilance and cunning as we move into the new year, the company says.

2020, a year in which very little went as expected, highlighted the danger of approaching cyber resiliency as merely a best practice, concludes Bill Conner, president & CEO of SonicWall. 

“It is vital that we expand our thinking from just 'How are we going to prevent an attack? to include 'What will we do when (not if) we get attacked?'"

See also