With record numbers of crypto jacking attacks amid a substantial drop in global ransomware volume, researchers smell something brewing for 2023

Drawing from its protection ecosystem comprising 1.1m security sensors in 215 countries and territories, as well as several specified sources of cyber incident data, a cybersecurity firm has announced it recorded an 87% increase in Internet of Things (IoT) malware, and a record number of crypto jacking attacks (139.3m) for the whole of 2022.

According to the incidental data, global malware volume increased 2% year-over-year, while overall global ransomware volume dropped by 21%. This could signify a strategic shift in which threat actors embrace slower and more stealthy approaches to achieve financially-motivated cyberattacks. 

In addition to demonstrated increases in cyberattackers’ level of sophistication and evasiveness, threat actors in the data were showing clear preferences for certain techniques, with notable shifts toward weak IoT devices, crypto jacking and potentially soft targets such as schools and hospitals.

Following global trends, several industries in the data faced large year-over-year increases of ransomware volume, including education (+275%), finance (+41%) and healthcare (+8%).

Key findings

Amid the 21% overall drop in global ransomware incidents in the data, ransomware continues to be a threat, and researchers expect more state-sponsored activity targeting a broader set of victims in 2023, including corporations and small- and medium-sized enterprises. Metrics for five cyber vectors were disclosed:

    • Malware Total volume was up 2% in 2022 after three straight years of decline in the data used for study. Following that trend, Europe as a whole saw increased levels of malware (+10%), as did Ukraine, which had a record 25.6m attempts. In the Asia Pacific region, the cyber landscape continued to remain gloomy with all tracked metrics rising in severity, including a surge in malware (+38%). In the other regions, data for malware was down year-over-year in key countries like the USA (-9%), the UK (-13%), and Germany (-28%).
    • Ransomware Overall ransomware numbers saw a global 25% decline in 2022. In particular, the total volume of ransomware incidents in Q4 (154.9 million) was the highest since the numbers analyzed for Q3 2021.
    • IoT malware Global volume rose 87% in 2022, totaling 112m by year’s end. With no corresponding slowdown in the proliferation of connected devices, bad actors were likely probing soft targets to leverage as potential attack vectors into larger organizations.
    • Apache Log4j Intrusion attempts against the ‘Log4Shell’ vulnerability eclipsed 1bn in 2022. The vulnerability was first discovered in December 2021 and has been actively exploited since.
    • Crypto jacking A ‘low and slow’ approach continued to surge in 2022 data, reflecting a 43% rise globally, the highest increase researchers of the report had ever recorded in a single year. In APAC, crypto jacking spiked 129%. The retail and financial industry felt the sting of attacks, seeing 2,810% and 352% increases, respectively, year-over-year.

According to Bob VanKirk, CEO and President, SonicWall, which commissioned the research: “While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”