December 2018 Cyber Threat Data: Ransomware Peaking Globally


We finished off 2018 with an in-depth focus on Cyber Monday and the threats over the holiday period. Now that we are into 2019 we are able to take the full month into consideration and we can see some familiar increases, both over the month itself and generally speaking for the year. First, some figures:

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data through December 2018:

  • 10.5 billion malware attacks (22 percent increase from 2017)
  • 3.9 trillion intrusion attempts (38 percent increase)
  • 328.5 million ransomware attacks (120 percent increase)
  • 2.8 million encrypted threats (27 percent increase)

In December 2018 alone, the average SonicWall customer faced:

  • 1,542 malware attacks (33 percent decrease from December 2017)
  • 784,602 intrusion attempts (9 percent increase)
  • 43 ransomware attacks (153 percent increase)
  • 107 encrypted threats (81 percent decrease)
  • 15 phishing attacks, on average, each day (23 percent increase)

Ransomware Sticks

As we see, the overall number of malware attacks, especially encrypted threats, were down in December 2018 compared to the year before, but in both the yearly and monthly figures one familiar figure looms: ransomware.

Break it down into regions and a complex story emerges; ransomware attacks in America and Europe varied greatly throughout the year. For example, the figures in Europe actually came in less than the year before for five out of the 12 months. However, Asia Pacific saw what could be described as a meteoric rise throughout the whole year where there wasn’t a single month where numbers were comparatively less than 2017.

In December 2018 specifically, it was not a good month to be unprotected in any of the regions; all geographical areas saw huge increases in ransomware attacks:

  • North America: 276 percent increase
  • Europe: 122 percent increase
  • Asia Pacific: 249 percent increase.

To just take one of the regions in real figures, this comes in at 3,496,448 more cases of ransomware in Asia Pacific in December 2018 compared to the year before.

Ransomware Attacks Up

In December 2018, there were 3.5 million more ransomware attacks detected in the Asia Pacific region compared to 2017.

Malware Cocktails

It can be hard to pinpoint exactly the reasons for such an increase, but one thing SonicWall spent 2017 and 2018 consistently calling out was the rise of malware cocktails, many of which were developed following the success of WannaCry, NotPetya and Bad Rabbit in previous years. Looking at the numbers, we see these were not idle mentions. December 2018 saw almost 30,000 new variants appear in the wild, up 75 percent from the year before.

To protect your organization against evolving attack volume and sophistication, consider the SonicWall Capture Advanced Threat Protection sandbox service with Real-Time Deep Memory Inspection Technology (RTDMI™), which discover and stop previously unknown ransomware variants.

  SonicWall Capture Security Center

SonicWall cyber threat intelligence is available in the SonicWall Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race.

The resource provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture ensure their networks, data, applications and customers are properly protected.

SonicWall Staff