Security News
5 Things To Know On The Big Drop In Ransomware Attacks
Kyle Alspach
Multiple security vendors are reporting data showing that ransomware was less of an issue in 2022, particularly in the U.S., than it was in 2021. There’s both good and bad news in the findings, however.
Ransomware Respite?
Here’s the good news: Ransomware was down in 2022, according to research reports from several cybersecurity vendors, and at least some of the drop is thanks to improved prevention and law enforcement intervention. While 2022 was by no means a holiday for cyber defenders, the reports point to significant declines in the ransomware volume and success rate during the year, as compared with the epic ransomware year of 2021.
[Related: Ransomware Prevention Saw ‘Massive’ Improvement In 2022: IBM X-Force]
SonicWall reported Tuesday that global ransomware volume dropped by 21 percent in 2022—and saw an even larger decline in the U.S.—while Mandiant has disclosed it responded to 15 percent fewer ransomware incidents last year. Also on Tuesday, Proofpoint revealed that a lower percentage of organizations overall experienced ransomware infections in 2022, and both CrowdStrike and SonicWall reported an uptick in the number of threat actors that switched from ransomware to data extortion attacks during the year.
Additional security research from IBM X-Force suggests that threat detection tools are catching more intrusions at an early stage of the attack, prior to deployment of ransomware, while blockchain data platform Chainalysis revealed that overall ransomware payments fell sharply in 2022.
Overall, when it comes to the ransomware decline last year, “there have been multiple shifts in the operating environment that have likely contributed,” said Jeremy Kennelly, senior manager for financial crime analysis at Mandiant.
That’s not to say that ransomware has lost its status as a leading threat, as evidenced by recent attacks such as the widespread ESXiArgs ransomware campaign. And the fact that at least some of last year’s decline was attributable to threat actors switching to other highly damaging attacks, such as data extortion, is not exactly something to get excited about.
Ultimately, “it’s encouraging that we’re seeing a decrease” in ransomware attacks, SonicWall CEO Bob VanKirk said in an interview with CRN. At the same time, “the number of attacks still is staggering,” VanKirk said. And there are concerning signs that ransomware may already be on the rebound as well.
To dig into what the latest cybersecurity research is telling us about the ransomware threat, what follows are five key things to know about the drop in ransomware attacks in 2022.
