Malware Attacks Down, but Ransomware and IoT Attacks Have Surged in 2020

Cybercriminals were quick to respond to the COVID-19 pandemic and changed their tactics, techniques and procedures to capitalize on the uncertainly surrounding the 2019 novel coronavirus and COVID-19. With the pandemic forcing many businesses to drastically increase the number of employees working from home, cybercriminals started targeting home workers.

SonicWall has been tracking cyber threats throughout the pandemic and its telemetry data shows there has been a 33% fall in malware attacks in 2020 compared to the mid-year total in 2019, dropping from 4.8 billion to 3.2 billion incidents. However, the use of one form of malware – ransomware –increased sharply in 2020. There have been more than 80 million attacks in the United States in 2020 up 109% compared to the first half of 2019.

SonicWall’s telemetry data shows a strong correlation between ransomware attacks and the COVID-19 pandemic. The countries to be hit first by COVID-19 in Asia were first to experience a spike in ransomware attacks. As the virus spread globally, spikes in ransomware attacks followed. Asia saw increases in attacks in January and March, there were spikes in attacks in Europe in February and April, and attacks in North America soared in March, with continued increases seen in April and May. While there was a reduction in ransomware attacks in North America in June, now the number of cases has started to rise again, SonicWall believes there will be a corresponding rise in ransomware attacks.

According to the SonicWall 2020 Cyber Threat Report, IoT malware attacks also risen during the pandemic, with attacks increasing by around 50% compared to last year. 20.2 million IoT devices have been infected with malware in 2020, which is more than the corresponding periods in 2018 and 2019 combined. The increase in attacks on IoT devices is believed to be a direct response to employees working from home. While there may not usually be much incentive to attack consumer refrigerators and washing machines, these devices connect to home WiFi networks, through which employees are now connecting to corporate networks. Home IoT devices often have poor security, so they are an easy way of attacking employees’ computers and gaining a foothold in the corporate network.

“While the historic disruption accompanying the COVID-19 pandemic has been challenging for businesses, it’s been a boon for cybercriminals,” explained SonicWall president and CEO Bill Conner. “The pandemic’s effects can be seen in most every piece of threat data highlighted here — shifting, increasing, decreasing and upending long-standing patterns.”

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of