SonicWALL Cyber Threat Report

The COVID-19 pandemic forced many businesses and organizations to change the way they work almost overnight. While remote working is not new, as many companies and organizations had already implemented a remote workforce or hybrid workforce, the pandemic pushed many companies and organizations to shift to a remote workforce before they were ready.

As a result, many were not prepared to navigate the change to a remote workforce effectively. Unfortunately, this meant cybercriminals were presented with various opportunities to prey on vulnerable businesses and organizations. Cyber threats and cyberattacks have skyrocketed, and ransomware attacks have already surpassed the entire volume for 2020 — and this is only for the first half of 2021.

Cyber Risk Report

The SonicWall Cyber Threat Report 2021 is a document that details the recent cybercrime trends. In the recently released mid-year 2021 Cyber Threat Report update, SonicWall recorded a global ransomware volume of 304.7 million for the first half of 2021, already eclipsing the 2020s ransomware volume 304.6 million. After record highs in April and May 2021, SonicWall recorded a high of 78.4 million ransomware attacks for June alone.

”Based on the recent SonicWall Cyber Threat Report, the number of cybersecurity attacks has increased rapidly. Specifically, the number of ransomware attacks showed a massive year-to-date spike in the U.S. (185%). In the first half of 2021, the number of ransomware attacks surpassed the entire volume for 2020 in only six months”, said Dr. Bennet Hammer, President of Hammer IT Consulting, Inc.

”The United States recorded by far the most ransomware attacks in the world. Furthermore, the state of Florida had by far the most ransomware attacks with more than 111 million attacks, which is more than the other nine states put together. With high-profile attacks against well-known organizations and infrastructure, ransomware is now more prevalent than ever. The threat actors are using any means possible to further their malicious intentions. Therefore, any organization needs to be proactive and protect their IT infrastructure from these cyberthreats”, added Hammer. 

”As a Florida-based MSP, the ransomware numbers are not surprising since we’ve been battling the attacks for years and way in advance of our peers nationwide.  We have gathered a lot of experience in addressing ransomware protection and response, unfortunately.  The number that does jump at me a bit is the increase in malware in IoT, which means that the attacks are increasing in many areas outside the regular business, which had been the battleground for years.  This is a bit surprising since malware number overall fell”, said Ilan Sredni of Palindrome Consulting.

Is Cybersecurity Similar to Warfare?

Anthony Buonaspina, CEO and Founder of LI Tech Advisors, describes cybersecurity and warfare as similar. ”Cybersecurity is similar to warfare. We ARE at war with cybercriminals who always seem to find a weakness and exploit it. It’s a game of measures and countermeasures. For every weakness that a cybercriminal finds, we need to counter it with additional security, but it always seems that “The Street Always Seems to Find A Way,” observed Buonaspina.

According to this mid-year report from SonicWall on cyber threats, the increase in cyber-attacks on all fronts is increasing at an alarming rate. 

The most significant cyber threat area is ransomware attacks with over 300 million ransomware attacks, up over 150 percent since last year.  According to Cybercrime Magazine, the main reason for this is its the most profitable at over $6 trillion globally so far, just this year. As more and more organizations are paying out the ransom demand, the more incentive ransomware groups have to launch these types of profitable attacks. According to this SonicWall report, “Even if we don’t record a single ransomware attempt in the entire second half (which is irrationally optimistic), 2021 will already go down as the worst year for ransomware SonicWall has ever recorded”.   Another disturbing find is that ransomware groups are now not just encrypting files but also have found ways to encrypt backups.  Some companies now offer “air-gap” or off-line backups to protect data from encryption.  However, even with a company being able to restore their backups, ransomware groups are now stealing the companies data before encrypting it and holding it hostage until the ransom is paid.  They threaten the company by releasing all their sensitive data and intellectual property out to the public.  Companies then are forced to pay the ransom to preserve the secrecy of their intellectual property and protect their customer’s personally identifiable information. 

Cybercrime Prevention and Recovery

After reviewing the report, it is clear that cybercrime is not going to disappear any time soon. Unfortunately, the risks for attacks continue to increase. Only a quarter of businesses and organizations feel they can effectively respond to security incidents and that three-quarters of decision-makers fear their employees could expose their business or organization to security risks implies that more workplaces need to implement enhanced cybersecurity practices and policies. This also implies that more workplaces need to focus on cybersecurity education, awareness, and training. 

”Another interesting and disturbing fact from this article directly affects our client base in the educational sector.  According to this SonicWall report, “By June, government customers were getting hit with roughly ten,” times more ransomware attempts than average,” “but in three out of six months during the first half of 2021, education customers saw even more.”  Based on our experience, most schools are soft targets for cybercriminals since they usually don’t invest enough into the level of security needed to protect their environment.  The best protection against an attack is taking proactive measures”, said Buonaspina.

Buonaspina shared the following advice for small businesses and schools to help protect themselves against ransomware cybercrimes and quickly recover if attacked:

  • Secure your hardware — make sure you are using the latest security patches and complicated passwords are being implemented.  Use 2-factor authentication where possible.  Also, make sure that you turn on BitLocker device encryption for all your Windows 10 devices and enable remote-wipe any mobile devices that might be lost or stolen to protect the data it has access to. 
  • Encrypt and Backup data — you need to make sure you prevent physical access to sensitive data and render it useless if it falls into the wrong hands. Data encryption is the best “quick fix” for data breaches.  If a data breach occurred, the data would be inaccessible. 
  • Perform a network security scan — you should periodically run a network security scan of your network to see what devices are attached and where security holes may reside. 
  • Train your employees — One of the weakest security points is your employees.  Ongoing training is essential to maintain a heightened level of awareness of cyber threats. Purchase a cybersecurity training service that will automatically send out fake phishing attempts to test your employees and train them if they fail. 
  • Invest in cyber insurance — consider this business continuity insurance if any security measures you have taken fail.  If you fall prey to a ransomware attack, cyber insurance will help you recover by offering financial support to remediate the issue quickly.  

While important, it is not enough to just have IT security. The potential for human mistakes will always be there, and this is too big to ignore. The recent findings by SonicWall have proven that cybersecurity risks can be reduced significantly when businesses invest in the proper resources and implement cybersecurity awareness and training measures. Download Mid-Year Update: SonicWall Cyber Threat Report here.