Today, Acronis, a global leader in cybersecurity, unveiled its Mid-Year Cyberbullying Report, organized by Acronis’ Cyber Protection Operation Centers, to give an in-depth review of cyber threat trends being tracked by the company’s experts. The report describes how ransomware remains the number one threat to large and medium-sized businesses, including government organizations, and outlines how over-complexity in IT and infrastructure leads to increased attacks. Around half of all reported breaches during the first half of 2022 involved stolen credentials, which enabled phishing and ransomware campaigns. The findings underscore the need for a more holistic approach to cyber security.
To extract credentials and other critical information, cybercriminals are using phishing and malicious email as their preferred infection vectors. About 1% of all emails contains malicious links or files, and 26.5% of all emails were delivered to a user’s inbox (not blocked by Microsoft365) and then these were removed by Acronis Email Security.
In addition, the research shows how cybercriminals also use malware and target unpatched software vulnerabilities to extract data and take organizations hostage. Further complicating the cyber security threat landscape is the proliferation of attacks on non-traditional entry routes. Attackers have given priority to cryptocurrencies and decentralized finance systems. Successful breaches using these different routes have resulted in the loss of billions of dollars and terabytes of exposed data.
They are able to launch these attacks due to the greater complexity in IT, a common problem across businesses as many technology leaders assume more vendors and programs lead to better security when the truth is actually reverse. The increased complexity exposes more surface area and gaps to potential attackers, leaving organizations vulnerable to potentially devastating damage.
“Today’s cyberthreats are constantly evolving and evading traditional security measures,” said Candid Wüest, Acronis VP of Cyber Protection Research. “Organizations of all sizes need a holistic approach to cybersecurity that integrates everything from anti-malware to email-security and vulnerability-assessment capabilities. Cybercriminals are becoming too sophisticated and the results of attacks too dire to leave it to single-layered approaches and point solutions.”
Critical data points reveal a complex threat landscape
As the reliance on the cloud grows, attackers have hijacked different entry routes to cloud-based networks. Cybercriminals increased their attention to the Linux operating system and its network of managed service providers (MSPs) and SMB customers. The threat landscape is changing, and companies must keep pace.
Ransomware is worsening, even more so than we predicted.
- Ransomware gangs, like Conti and Lapsus$, are causing serious damage.
- The Conti gang demanded a $10 million ransom from the Costa Rican government and published most of the 672 GB of data they had stolen.
- Lapsus$ stole 1 TB of data and leaked the credentials of over 70,000 NVIDIA users. The same gang also stole 30 GB worth of T-Mobile’s source code.
- The U.S. Department of State is concerned, offering up to $15 million for information about Conti’s leadership and co-conspirators.
The use of websites, phishing, and malicious emails, and malware continues to grow.
- 600 malicious email campaigns made their way to the internet in the first half of 2022.
- 58% of the emails were phishing attempts.
- Another 28% of those emails contained malware.
- The business world is increasingly distributed, and in the second quarter of 2022, an average of 8.3% of endpoints tried to access malicious URLs.
More cybercriminals are focusing on cryptocurrencies and decentralized finance (DeFi) platforms. By exploiting loopholes in smart contracts or stealing recovery phrases and passwords through malware or phishing attempts, hackers have wormed their way into crypto wallets and exchanges alike.
- Cyber-attacks have contributed to the loss of more than $60 billion in DeFi currency since 2012.
- Of this, $44 billion disappeared during the last 12 months.
Vulnerabilities of exposed services that are unpatched are another common infection vector – just ask Kaseya. To that end, companies such as Google, Microsoft, and Adobe have emphasized software patches and transparency around publicly presented vulnerabilities. These patches probably helped stem the tide of 79 new exxploits each month. Unreported vulnerabilities are also linked to how more complexity is hurting businesses more than helping them, as all of these vulnerabilities serve as additional potential points of failure.
Breaches leave financial, and SLA distress in their wake
Cybercriminals often demand ransom or steal money directly from their target. But companies don’t just face the challenges of their bottom line. Attacks often lead to downtime and other service-level breaches, affecting a company’s overall reputation and customer experience.
- In 2021 alone, the FBI summed up a total of $2.4 billion loss to Business Email Compromise (BEC).
- Cyber attacks caused more than a third (36%) of downtime in 2021.
The current cyber security threat landscape requires a multi-layered solution that combines anti-malware, DLP, EDR, vulnerability assessment, email protection, RMM, patch management, and backup capabilities in one place. The integration of these different components gives companies a better chance of surviving cyberattacks, minimizing the damage of successful attacks, and retaining altered or stolen data in the process.
Next Read: 80% of ransomware attacks exploit configuration errors, finds Microsoft
