Global malware detections saw a 2% increase year-on-year in 2022, totaling 5.5 billion, with the emergence of never-before-seen variants surging by 5%, as reported by SonicWall.
The cybersecurity firm gathered threat intelligence from its extensive global SonicWall Capture Threat network, which includes one million security sensors, to create the 2023 SonicWall Cyber Threat Report.
Within this report, SonicWall uncovered a total of 465,501 new malware samples, indicating ongoing innovation within the cybercrime landscape. These new discoveries often align closely with zero-day attack patterns, posing significant challenges for cybersecurity professionals.
Notable trends in malware activity included a 43% rise in cryptojacking malware, reaching a record 139 million “low-and-slow” attacks, as well as an 87% increase in IoT malware, totaling 112 million instances.
Although ransomware volumes decreased by 21%, they still amounted to 493 million attacks, making 2022 the second-highest year on record after 2021. Sectors such as education (275%), finance (41%), and healthcare (8%) experienced substantial increases in ransomware attacks, while Europe (70%) and the UK (112%) saw significant year-on-year spikes in attack volumes.
Specifically, Ukraine reported record malware (26 million) and ransomware (7 million) detections, contributing to Europe’s elevated figures. The UK now ranks as the second most targeted country globally, surpassing Spain and trailing behind the US.
Although countries like the US (-9%), UK (-13%), and Germany (-28%) observed declines in malware detections year-on-year, global malware volumes rose for the first time in four years, with intrusion attempts reaching a staggering 6.3 trillion.
The Log4j vulnerability remained a persistent challenge for network defenders, with SonicWall detecting over one billion intrusion attempts using the Log4Shell exploit in 2022.
Immanuel Chavoya, SonicWall’s threat detection and response strategist, emphasized the importance of understanding attackers’ tactics, techniques, and procedures (TTPs) to develop effective threat-informed cybersecurity strategies. He highlighted the increasing sophistication and covert nature of cyber-attacks, along with threat actors’ preferences for targeting weak IoT devices, engaging in cryptojacking, and potentially exploiting vulnerable entities like schools and hospitals.
In light of these evolving threats, organizations must prioritize proactive cybersecurity measures to defend against and mitigate the impact of business-disrupting events.