Article
Operational Security

Cryptojacking hits industry hard and hospitals could be next

By George Hopkin
March 01, 2023
undefined mins
Credit: Reza Estakhrian/Getty
Credit: Reza Estakhrian/Getty
Malware is increasing its reach, and there have been surges in IoT malware and cryptojacking, according to a new cybersecurity threat report from SonicWall

Emerging threat vectors, including “cryptojacking”, are causing havoc across industries, including retail and financial services, with hospitals and schools warned they are seen as soft targets by cybercriminals and can expect to be attacked.

The data emerged in SonicWall’s Cyber Threat Report, a bi-annual report that details an increasingly diversified cyberattack landscape amid shifting threat actor strategies. SonicWall recorded the second-highest year on record for global ransomware attempts, as well as an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) in 2022.

Cryptojacking involves cybercriminals taking control of a computer and then surreptitiously having it mine cryptocurrencies without the user's permission or knowledge.

"The past year reinforced the need for cybersecurity in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance," said SonicWall President and CEO Bob VanKirk. "While organisations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate."

Global malware volume increased 2% year-over-year, but it was increases in IoT malware (+87%) and cryptojacking (+43%) that offset the decline of overall global ransomware volume (-21%), signifying a strategic shift. Threat actors have embraced slower and more stealthy approaches to achieve financially-motivated cyberattacks.

Crucial to understand tactics, techniques and procedures

"Cyberattacks are an ever-present danger for companies of all sizes, putting their operations and reputation on the line," says SonicWall Threat Detection and Response Strategist Immanuel Chavoya. "It is crucial for organisations to understand attackers' tactics, techniques and procedures (TTPs), and commit to threat-informed cybersecurity strategies to defend and recover successfully from business-disrupting events. This includes stopping sophisticated ransomware attacks as well as defending emerging threat vectors, including IoT and cryptojacking."

In addition to cyberattacks becoming more sophisticated and covert, threat actors are showing clear preferences for certain techniques, with notable shifts toward weak IoT devices, cryptojacking and potentially soft targets like schools and hospitals.

Prominent ransomware attacks impacted enterprises, governments, airlines, hospitals, hotels and even individuals causing widespread system downtime, economic loss and reputational damage. Following global trends, several industries faced large year-over-year increases of ransomware volume, including education (+275%), finance (+41%) and healthcare (+8%).

Cybercriminals are using increasingly advanced tools and tactics to exploit and extort victims, with state-sponsored activity growing as a concern. While ransomware continues to be a threat, SonicWall Capture Labs threat researchers expect more state-sponsored activity targeting a broader set of victims in 2023, including SMBs and enterprises.

The 2023 SonicWall Cyber Threat Report provides insight into a range of cyber threats, including:

Malware

Total volume was up 2% in 2022 after three straight years of decline — just as SonicWall predicted in the 2022 SonicWall Cyber Threat Report. Following that trend, Europe saw increased levels of malware (+10%), as did Ukraine, which had a record 25.6 million attempts, suggesting malware was used heavily in regions impacted by geopolitical strife. Malware was down year-over-year in key countries, including the US (-9%), UK (-13%) and Germany (-28%).

Ransomware

Although overall ransomware numbers saw a 21% decline globally, the total volume in 2022 was higher than in 2017, 2018, 2019 and 2020. In particular, total ransomware in Q4 (154.9 million) was the highest since Q3 2021.

IoT Malware

Global volume rose 87% in 2022, totalling 112 million hits by year's end. With no corresponding slowdown in the proliferation of connected devices, bad actors are likely probing soft targets to leverage as potential attack vectors into larger organisations.

Apache Log4j

Intrusion attempts against the industry's Apache Log4j 'Log4Shell' vulnerability eclipsed 1 billion in 2022. The vulnerability was first discovered in December 2021 and has been actively exploited since.

Cryptojacking

Use of cryptojacking as a 'low and slow' approach continued to surge, rising 43% globally, which is the most SonicWall Capture Labs threat researchers have recorded in a single year. The retail and financial industry felt the sting of cryptojacking attacks, seeing 2810% and 352% increases, respectively, year-over-year.

healthcareretailfinancial servicescryptojacking
Share
Share
Author
George Hopkin

Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI