International. A 148% increase in global ransomware attacks during the third quarter of 2021 were logged by SonicWall. With 495 million ransomware attacks recorded by the company this year to date, 2021 will be the costliest and most dangerous year ever recorded.
This month, the current US administration hosted a global summit on ransomware with the aim of compromising "all national tools" to stop cyberattacks in critical sectors. Major governments attended, including the United Kingdom, India, Australia, Germany and France, as well as the European Union. SonicWall's latest research now confirms that leaders have enough reason to worry.
"As we see it, ransomware is on an almost unimaginable upward trend, posing a significant risk to businesses, service providers, governments and ordinary citizens," said SonicWall President and CEO Bill Conner. "The real-world damage caused by these attacks is more than anecdotal right now. It is a serious national and global problem that has already affected companies and governments around the world. I am hopeful that the recent global summit on ransomware will be the next step towards a greater response at the global, national and state levels."
Ransomware doesn't slow down
2021 has been the busiest year for ransomware on record, and it shows no signs of slowing down. After posting an all-time high in June (78.4 million), these malicious attacks continue to experience aggressive growth in the third quarter.
"The techniques implemented by ransomware actors have evolved far beyond the crushing attacks of a few years ago," said SonicWall's vice president of platform architecture, Dmitriy Ayrapetov. "Today's cybercriminals demonstrate knowledge, deliberate planning and execution to surgically implement toolchains targeting business and government infrastructure. This results in larger victims and leads to greater likelihood of ransom payments."
With 190.4 million ransomware attempts in the third quarter alone, this makes it the highest quarter ever recorded by SonicWall, nearly eclipsing the 195.7 million total ransomware attempts recorded during the first three quarters of 2020.
"While the world has tried to get back to normal intermittently, cybercriminals have never relented, which propelled ransomware campaigns to record numbers during the first three quarters of 2021," Conner said. "These criminal organizations will continue to launch highly sophisticated cyberattacks designed to attack organizations and businesses with weak or lax security controls."
Despite moves to protect the cyber infrastructures of the respective national governments, the UK has experienced a 233% increase in the number of ransomware attacks, and the US has witnessed a 127% increase so far this year.
In total, SonicWall recorded 1,748 ransomware attempts per customer through the third quarter, the equivalent of 9.7 ransomware attempts per customer each business day. SonicWall predicts that the total ransomware by the end of 2021 will approach 714 million, a staggering 134% increase year-over-year.
"As long as organizations continue to overlook or fail to implement cybersecurity best practices to reduce their attack surface, ransomware groups will only increase investments in time, resources and money to launch campaigns that result in massive payments," Ayrapetov said.
Patented RTDMI technology that finds new variants more than ever
SonicWall's patented Real-Time Deep Memory InspectionTM (RTDMI) technology discovered 307,516 never-before-seen malware variants (+73%) during the first three quarters of 2021, averaging 1,126 discoveries per day. If there is still a steady number of attacks, along with rapid diversification, nations will need to start tackling cybercrime as soon as possible.
RTDMITM, which is included as part of SonicWall's cloud-based Capture Advanced Threat Protection (ATP) sandbox service, leverages proprietary memory inspection and CPU instruction tracking with machine learning capabilities. This allows Capture ATP with RTDMI to be increasingly efficient at recognizing and mitigating cyberattacks never seen by anyone in the cybersecurity industry, including threats that exhibit no malicious behavior and hide their weaponry through encryption.
