SonicWall: Ransomware attacks increased 105% in 2021

Cybercriminals are becoming bolder and more prolific in their development and deployment of ransomware attacks.

This according to researchers at SonicWall, who said in its annual threat report that ransomware attacks over the last year have grown by an eye-watering 105%, with 20 attacks being attempted every second.

The soaring attack levels grow even more worrisome when considered over a longer three-year period.

"To truly understand ransomware's meteoric rise, it helps to compare 2021's ransomware volume to 2019 as well. Ransomware has risen a mind-blowing 231.7% since 2019," the SonicWall team said. "While 2021's high-water mark was more than double that of 2020, it more than tripled the ransomware volume in the worst month of 2019."

The soaring attack rates also come as ransomware is getting more attention than ever, from both the media and law enforcement. The researchers noted that law enforcement sources have made high-profile arrests and crackdowns on ransomware groups, while the U.S. government has issued warnings over impending ransomware threats.

Despite now being firmly in the spotlight, ransomware operators are showing no signs of letting up on attacks anytime soon. Simply put, SonicWall said, there are not enough investigators to keep up with all of the cybercriminals and ransomware operators.

"While high-profile arrests of cybercriminals continue, such as the REvil takedown in early 2022, they have been largely ineffective in stemming the tide of ransomware itself," SonicWall explained in its report. "The amount of time and resources required for each bust means that the criminal justice system is unable to keep up with the huge number of ransomware operators. And due to the lucrative nature of ransomware, as soon as one group is taken down, new ones rise to fill the void."

With the looming conflict between Russia and Ukraine, SonicWall president and CEO Bill Conner warned that ransomware attacks could be used by nation-state threat actors for motives other than financial gain.

"Cyber attacks can be leveraged to cause financial loss or gain," he told SearchSecurity, "but potentially even more damaging is if ransomware attacks are used to create disruption and misdirection, and in extreme cases, take down critical infrastructure."

There is some hope, however, as the researchers said 2021 represented a "turning point" in the battle against ransomware, with various law enforcement agencies as well as the U.S. military joining the fight. With so much attention on their activities, some groups are opting to break up or go silent, which researchers suggested could potentially lead to fewer attacks.

Also noted in the report was an increase in business email compromise (BEC) activity. In these social engineering attacks, the criminal impersonates a colleague or business partner with phishing emails and convinces the target to wire fraudulent payments.

"Because these attacks are more personal and more targeted than the mass-phishing attempts of old, they don't get reported as frequently," Conner said. "But in many cases, they are much more damaging."

SonicWall said its surveys suggest that BEC attacks have become the fourth-biggest worry for businesses, behind only phishing, ransomware and customer data loss. That same survey noted that many companies have little confidence in their ability to stop the scams.

"Respondents also said they lacked confidence in their existing protections and were unsure about their ability to safeguard funds, obtain help from insurance providers or law enforcement, or prevent these attacks from getting to highly targeted users in the first place," the researchers noted.

"Cybercriminals are aware that organizations are depending on cybersecurity technologies that were never designed to stop BEC attacks."