SonicWall’s new 2025 Annual Menace Report highlights startling revelations, together with that hackers exploited new vulnerabilities inside two days 61% of the time, and that it takes the typical group between 120 and 150 days to use a patch. As well as, the agency’s researchers detected 210,258 “never-before-seen” malware variants in 2024.
Researchers reported that, in 2024, the typical ransomware fee reached $850,700, with complete associated losses typically exceeding $4.91 million when factoring in downtime and restoration prices. World losses from enterprise e mail compromise (BEC) assaults exceeded $2.95 billion in 2024.
SonicWall additionally detailed elevated cyberattacks impacting Latin America and the U.S. healthcare sector.
Ransomware skyrocketed in Latin America
Ransomware was up 259% in Latin America and up 8% in North America, the agency mentioned.
IoT assaults jumped 124%, encrypted threats climbed 93%, and malware spiked 8% year-over-year.
Extremely seen ransomware teams similar to LockBit and BlackCat leveraged ransomware-as-a-service fashions to hold out widespread assaults and benefit from vital vulnerabilities to infiltrate programs, SonicWall’s 2025 Annual Menace Report famous.
198M+ American sufferers have been impacted by cyberattacks
The U.S. healthcare sector confronted “unprecedented challenges, with over 198 million American sufferers impacted by ransomware,’’ mentioned Bob VanKirk, president and chief government officer of SonicWall, within the report. He attributed the brand new malware variants to the speedy adoption of and developments in AI instruments.
Double extortion was prolific all year long with triple extortion additionally rising, particularly in healthcare. “This particular tactic includes encrypting a corporation’s most crucial information whereas concurrently threatening to launch delicate data until calls for are met,’’ the report said. “This tactic is used to put much more strain on ransomware victims to pay the menace actors because the criminals are basically holding the information hostage in a number of other ways.”
Within the case of triple extortion within the healthcare trade, menace actors will even go on to sufferers and threaten to launch their information until that ransom is paid. The report famous that healthcare organizations “have been additionally among the many least ready to deal with the fallout.”
SMBs more and more have to bolster their defenses
VanKirk wrote, “SonicWall’s information signifies that menace actors are shifting at unprecedented speeds.”
He famous that this particularly places strain on small and medium-sized companies and added “they need to not go it alone within the struggle towards cybercrime.”
The report urged SMBs to make use of trusted managed service suppliers (MSPs) or managed safety service suppliers (MSSPs) to bolster defenses. These companions can present real-time monitoring, speedy patch deployment, zero-trust safety fashions, and ongoing training, the report mentioned.
Methodology
The report relies on views from SonicWall’s 24/7 safety operations heart analysts and market insights from revered cybersecurity insurance coverage suppliers, VanKirk mentioned.
