IoT malware attacks are up 55%, according to SonicWall

IoT malware attacks are up 55%, according to SonicWall

Credit: SonicWall

IoT malware attacks are up 55%, according to SonicWall’s Cyber Threat report, which collects data from over a million security sensors in over 200 countries.

Security concerns in the IoT world are a constant thorn in the side of exciting innovation. Cyberattacks have the potential to gut an organisation from the inside out, stealing its intellectual property and physical assets. Now, new data from SonicWall has found a rise in open-source malware kits and cryptojacking used by cybercriminals.

The updated 2019 SonicWall Cyber Threat Report, released this week, details trends and statistics currently affecting the technology world from data collected from millions of security sensors worldwide. One of the most concerning aspects of the report states that IoT malware attacks are up 55%, suggesting that businesses and organisations are not keeping up with the ever-evolving world of cybercriminality.

“Our mission is to ensure organizations and businesses are better informed to safeguard their networks and data,” Bill Conner, President & CEO of SonicWall, stated. “Investing in cyber threat research and publishing our findings helps foster collaboration between the private sector, security industry and trusted third parties to bolster a strong, united front against cyberattacks.”

The steep increase in IoT malware attacks is higher than both the first two quarters of the previous year. The issue could well be caused by more businesses investing in IoT technology and connecting devices to the internet without fully exploring the security risks that can come from this.

It’s not just IoT malware on the rise

SonicWall’s report touches on a range of security threats currently facing businesses, ranging from IoT malware to crypto.

Threat researchers at the company discovered a 15% increase in ransomware attacks worldwide, though has been a shocking 195% increase in the UK alone. SonicWall attribute this sharp increase in the rise of ransomware-as-a-service (RaaS) and open-source malware kits.

RaaS is similar to a Software-as-a-Service (SaaS) model, albeit a lot more sinister. Even rookie cybercriminals can find RaaS packages easily that reduce coding difficulty. This only democratises ransomware, it allows anyone to become an “affiliate” of an RaaS service.


Organisations continue to struggle to track the evolving patterns of cyberattacks.

Bill Conner, President & CEO of SonicWall

In its simplest form, cybercriminals write ransomware code before selling under an affiliate program to other cybercriminals. They can provide step-by-step help to launch an attach, talking through whoever rents their code, before taking a share of the ransom money.

Aside from this relatively new and malicious phenomenon, threat researchers at SonicWall discovered some more traditional forms of attack. According to their findings, 51% of “never before seen” attacks come via PDF files, with 47% coming from Office files. Malware can be hidden in these files and without the necessary security, are lethal to businesses despite their simplicity.

Cryptojacking too has risen 9%, with Bitcoin and Monero price hikes being blamed.

What can businesses do to tighten up security?

“Organisations continue to struggle to track the evolving patterns of cyberattacks – the shift to malware cocktails and evolving threat vectors –which makes it extremely difficult for them to defend themselves,” said Bill Conner, in response to the report.

As IoT evolves at an alarming pace and the world produces more internet-connected devices, trying to keep up with security can be difficult. If IoT security is similar to putting out a fire, heavy investment in IoT is producing far more fires than can be reasonably extinguished.

Worldwide IoT malware attacks and more can be watched in real-time on SonicWall's website.
Worldwide IoT malware attacks and more can be watched in real-time on SonicWall’s website. / Credit: SonicWall

There are however many ways that IoT security can be improved. A reliable anti-malware software for your system is the first logical step that any business should take when covering themselves. With the very best systems on the market, advanced algorithms can detect and potentially remove threats. They also work automatically in the background, so there is no need to continually check for issues.

Cybercriminals will always look for a chink in the armour of a system and attack specifically through weaknesses. Keeping software up to date is not only advantageous but essential: existing and emerging cyber threats can be snuffed out.

With 2 trillion intrusion attempts registered in the SonicWall report, it is clear that businesses urgently need to keep up with the security required for IoT. IoT malware attacks don’t have to be necessary should organisations stay protected and sensible with their data.

Luke Conrad

Technology & Marketing Enthusiast

In this together: how the crowd can help.

Matt Cooper • 22nd November 2022

Matt Cooper, the Chief Commercial Officer at Crowdcube, explains that if businesses can communicate their purpose and vision clearly, founders can mobilise a passionate community of investors to help them on their journey.