Malware attacks down by 20 per cent, while ransomware-as-a-service has boomed

Ransomware-as-a-service attacks on UK organisations have tripled over the past year, claims SonicWall

Global ransomware attacks have decreased by 12 per cent, but ransomware-as-a service, cryptojacking and attacks on IoT devices are growing fast.

That's according to research by security vendor SonicWall, which takes real-world data from more than one million security sensors in over 200 countries.

While the global volume of ransomware has fallen in recent months, global ransomware attacks have grown by 15 per cent - but have tripled in the UK.

Cyber criminals are also using non-standard web traffic ports to deliver undetectable payloads

SonicWall threat researchers credited this to cyber criminals having a "new preference of ransomware-as-a-service (RaaS) and open-source malware kits".

As the connected ecosystem continues to grow, IoT devices are increasingly being utilised by criminals to launch cyber attacks. In the first half of 2019, SonicWall identified a 55 per cent increase in attacks targeting IoT devices.

Crypojacking - surreptitiously using someone else's computer to mine for crypto-currency - also continues to grow. The volume of cryptojacking attacks hit 52.7 million in the first six months of 2019 - a nine per cent increase compared to the same period in 2018.

Coinhive remains the top signature among hackers - despite the fact it closed down in March 2019

The researchers said this rise can be "partially attributed to the rise in bitcoin and Monero prices, helping cryptojacking stay relevant as a lucrative option for cybercriminal".

When it comes to launching cryptojacking campaigns, Coinhive remains the top signature among hackers - despite the fact it closed down in March 2019.

"One reason for the high detection is that compromised websites have not been cleaned since the infection, even though the Coinhive service is non-existent and the URL has been abandoned," claimed SonicWall in a statement.

Cyber criminals are also using non-standard web traffic ports to deliver undetectable payloads, with SonicWall claiming to have "monitored the largest spike on record since tracking the vector when one quarter of malware attacks came across non-standard ports in May 2019 alone".

In the first half of 2019, SonicWall Real-Time Deep Memory Inspection technology revealed 74,360 ‘never-before-seen' malware variants

Finally, SonicWall found claims that "51 per cent and 47 per cent of never-before-seen attacks came via PDFs or Office files". It said traditional PDFs and Office files continue to be routinely leveraged to exploit users' trust and experience to deliver malicious payloads.

SonicWall CEO Bill Conner said that organisations continue to struggle to track the fast evolving patterns of cyber attacks.

He said: "In the first half of 2019, SonicWall Real-Time Deep Memory Inspection (RTDMI) technology revealed 74,360 ‘never-before-seen' malware variants.

"To be effective, companies must harness innovative technology, such as machine learning, to be proactive against constantly-changing attack strategies."