Ransomware threats explode in first-half 2021

Ransomware attacks skyrocketed in the first half of 2021, eclipsing the full-year volume for 2020, according to the mid-year update to the 2021 SonicWall Cyber Threat Report.

Through the first half of 2021, SonicWall recorded global ransomware volume of 304.7 million, surpassing 2020’s full-year total of 304.6 million — a 151% year-to-date increase.

SonicWall Capture Labs threat researchers collect and analyse threat intelligence data from 1.1 million sensors in over 215 countries and territories.

“With remote working still widespread, businesses continue to be highly exposed to risk, and criminals are acutely aware of uncertainty across the cyber landscape,” said SonicWall president and CEO Bill Conner. 

“It’s crucial that organisations move toward a modern Boundless Cybersecurity approach to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever,” said Conner.

After posting record highs in both April and May, SonicWall recorded another new high of 78.4 million ransomware attacks in June 2021 alone. 

Ransomware volume showed massive year-to-date spikes in the United States (185%) and the United Kingdom (144%). Accounting for 64% of all recorded ransomware attacks, Ryuk, Cerber and SamSam were the top three ransomware families in the first half of the year.

The top five regions most impacted by ransomware in the first half of 2021 were the US, UK, Germany, South Africa and Brazil.

In line with spikes in global data, SonicWall Capture Labs threat researchers also recorded alarming ransomware spikes across key verticals, including government (917%), education (615%), healthcare (594%) and retail (264%) organizations.

Last year, SonicWall recorded a drop in global malware attacks, a trend that continued in the first half of 2021 with a 24% drop in malware volume worldwide. 

As threat actors become more sophisticated — using ransomware, cryptojacking and other types of cyberattacks to launch surgical strikes — the need for “spray-and-pray” malware attempts have lessened, decreasing overall volume.

Malware attacks via non-standard ports also fell in 2021 after hitting record highs in 2020. These attacks, which aim to increase payloads by bypassing traditional firewall technologies, represent 14% of all malware attempts in the first half of 2021, down from 24% year to date.

After having made an unexpected revival in 2020, cryptojacking malware continued to climb through the first half of 2021 as cryptocurrency prices remain high. From January to June, SonicWall threat researchers recorded 51.1 million cryptojacking attempts, representing a 23% increase over the same six-month period last year.