Ransomware actors had a field day last year, conducting over 623 million ransomware attacks around the world, resulting in a 105% increase from the year prior, according to cybersecurity firm SonicWall.
The company’s 2022 Cyber Threat Report released Thursday also finds that ransomware volume has exploded since before the pandemic, rising 232% since 2019. That ransomware increase is largely seen in the U.S. and U.K., where ransomware climbed 98% and 227%, respectively.
According to the SonicWall’s report, there were nearly 20 ransomware attempts every second, representing an average of 2,170 ransomware attempts per customer.
The first half of 2021 saw 304.7 million attempts, more than all of 2020. However, the second half was even worse, with 318.6 million attempts—despite a notable decline in the fourth quarter.
The U.S. remains far and away the most targeted country, recording 421.5 million ransomware attempts in 2021.
The report also explores how quickly the ransomware ecosystem is growing, with SonicWall Capture Labs researchers recording hits from about 1,000 different ransomware signatures and more than 300 ransomware families over the course of last year.
However, just three families made up more than 62% of all ransomware in 2021: Ryuk, SamSam and Cerber.
Increases were also seen across targeted industries, with government reporting the largest such increase in ransomware attempts at a staggering 1,885%. Healthcare wasn’t too far behind, reporting a 755% increase in ransomware. Education and retail reported increases of 152% and 21%, respectively.
Malware was slightly down in 2021, marking a third straight year of decreases and a seven-year low in malware, but the second half of 2021 marked an uptick that almost completely erased the 22% drop in malware recorded at the mid-year point, Sonic Wall’s report says.
That decrease was just 4%, suggesting that malware numbers may rebound in 2022, according to the report.
While the ransomware and other malware increases reported by SonicWall are alarming, so are the vectors that threat actors are quickly exploiting, including the Log4j vulnerabilities that were exploited in droves as the IT ecosystem was caught off guard by a critical security bug in one of the most used software tools.
The report says threat actors attempted to exploit the Log4j flaws 142.2 million times between Dec. 11, 2021 and the end of last month, with a daily average of 2.7 million exploit attempts.
Encrypted attacks send over HTTPs are also on the rise, increasing by 167% last year and almost making up as many as 2018, 2019 and 2020 combined, SonicWall reports.
While the IoT continues to be an attractive target for cybercriminals and one that gives IT and security professionals nightmares, IoT malware may be leveling off, the report says. IoT malware rose just 6% in 2021, a far fewer increase than 2019 and 2020, when IoT malware attacks rose 218% and 66%, respectively. Connected devices are only increasing, so the lack of a corresponding IoT malware increase is encouraging.
“Cyberattacks become more attractive and potentially more disastrous as dependence on information technology increases,” says SonicWall President and CEO Bill Conner. “Securing information in a boundless world is a near impossible and thankless job, especially as the boundaries of organizations are ever-expanding to limitless endpoints and networks.”