Ransomware attacks on government triple in 12 months

SonicWall report shows, government customers are getting hit with roughly 10 times more ransomware attempts than average

Posted 12 August 2021 by Christine Horton

Government is the most commonly targeted industry for ransomware, with attacks so far rising to three times last year’s high point.

The mid-year update to the 2021 SonicWall Cyber Threat shows there have been more hits on government customers each month this year than on any other industry. By June, government customers were getting hit with roughly 10 times more ransomware attempts than average.

Across the board, ransomware attacks skyrocketed in the first half of 2021, eclipsing the entire volume for 2020 in only six months. Through the first half of 2021, SonicWall recorded global ransomware volume of 304.7 million, surpassing 2020’s full-year total (304.6 million) — a 151 percent year-to-date increase.

Such is the threat, the head of the National Cyber Security Centre (NCSC) in June declared ransomware the biggest online threat to people in UK.

“In a year driven by anxiety and uncertainty, cybercriminals have continued to accelerate attacks against innocent people and vulnerable institutions,” said SonicWall President and CEO Bill Conner.

“This latest data shows that sophisticated threat actors are tirelessly adapting their tactics and embracing ransomware to reap financial gain and sow discord. With remote working still widespread, businesses continue to be highly exposed to risk, and criminals are acutely aware of uncertainty across the cyber landscape. It’s crucial that organisations move toward a modern Boundless Cybersecurity approach to protect against both known and unknown threats, particularly when everyone is more remote, more mobile and less secure than ever.”

Different research released today from Barracuda Networks shows education had been the target of 13 percent of ransomware attacks, a slight decrease from the 15 percent recorded in 2020. Healthcare was the target of 13 percent of attacks, which is lower than the 22 percent recorded in 2020.

However it says local government bodies, such as councils, which were targeted by a whopping 45 percent of ransomware attacks in 2020, made up just 16 percent of ransomware attacks this year.

Other attacks

After posting record highs in both April and May, SonicWall recorded another new high of 78.4 million ransomware attacks in June 2021 alone. The UK is second only to the United States in terms of attacks with a massive year-to-date spike of 144 percent.

Accounting for 64 percent of all recorded ransomware attacks, Ryuk, Cerber and SamSam were the top three ransomware families in the first half of the year, as recorded by SonicWall Capture Labs.

However, the number of malware attacks continue to fall. In the first half of 2021 there was a 24 percent drop in malware volume worldwide. As threat actors become more sophisticated — using ransomware, cryptojacking and other types of cyberattacks to launch surgical strikes — the need for “spray-and-pray” malware attempts has lessened, decreasing overall volume, said SonicWall.

After having made an unexpected revival in 2020, cryptojacking malware continued to climb through the first half of 2021 as cryptocurrency prices remain high. From January to June, SonicWall threat researchers recorded 51.1 million cryptojacking attempts, representing a 23 percent increase over the same six-month period last year.

Europe was particularly ravaged, recording a 248 percent year-to-date rise in cryptojacking malware. This increase highlights the volatile shifts of a market cybercriminals have come to leverage due to their high desire for online anonymity when it comes to lucrative payouts.

Finally, the addition of millions of new devices on the network with people working remotely contributed to an increase in Internet of Things (IoT) malware attacks, which rose 59 percent year-to-date globally.