Acronis, a global leader in cyber protection, unveiled its mid-year cyberthreats report, conducted by Acronis’ Cyber Protection Operation Centers, to provide an in-depth review of the cyber threat trends the company’s experts are tracking. The report details how ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations and underlines how over-complexity in IT and infrastructure leads to increased attacks. Nearly half of all reported breaches during the first half of 2022 involved stolen credentials, which enable phishing and ransomware campaigns. Findings underscore the need for more holistic approaches to cybersecurity.
To extract credentials and other sensitive information, cybercriminals use phishing and malicious emails as their preferred infection vectors. Nearly one percent of all emails contain malicious links or files, and more than one-quarter (26.5%) of all emails were delivered to the user’s inbox (not blocked by Microsoft365) and then were removed by Acronis email security.
Moreover, the research reveals how cybercriminals also use malware and target unpatched software vulnerabilities to extract data and hold organizations hostage. Further complicating the cybersecurity threat landscape is the proliferation of attacks on non-traditional entry avenues. Attackers have made cryptocurrencies and decentralized finance systems a priority of late. Successful breaches using these various routes have resulted in the loss of billions of dollars and terabytes of exposed data.
These attacks are able to be launched due to overcomplexity in IT, a common problem throughout businesses as many tech leaders assume more vendors and programs lead to improved security when the inverse is actually true. Increased complexity exposes more surface area and gaps to potential attackers, keeping organizations vulnerable to potentially devastating damage.
“Today’s cyberthreats are constantly evolving and evading traditional security measures,” said Candid Wüest, Acronis VP of Cyber Protection Research. “Organizations of all sizes need a holistic approach to cybersecurity that integrates everything from anti-malware to email-security and vulnerability-assessment capabilities. Cybercriminals are becoming too sophisticated and the results of attacks too dire to leave it to single-layered approaches and point solutions.”