Mid-Year Threat Report Suggests Ransomware Losses Likely to Exceed $30 Billion by 2023

Ransomware is the most serious threat to large and medium-sized businesses, and global ransomware damages have been predicted to exceed $30 billion by 2023, according to the Mid-Year Cyber Protection Operation Centers Report from Acronis. Attacks are showing no sign of slowing as cybercriminal gangs continue to make huge profits from their attacks. According to the report, the Conti ransomware gang was paid $2.7 billion in cryptocurrency over the two years that it was active, with January showing more than 1,000 victims paid up, with more than $150 million paid to the gang in that single month.

The report shows that nearly half of all data breaches reported in H1, 2022 occurred as a result of stolen credentials, which are most commonly stolen in brute force attacks and phishing campaigns. In 1H, 2022, 25.6% of all emails were spam, with 1% of emails including malware or phishing links. Acronis reports that its platform blocked 21 million malicious URLs in Q2, 2022, which is a 10% increase from Q1. The most commonly spoofed brands in phishing attacks were Twitter, Facebook, DHL, and Microsoft.

Malware is often used to gain access to business networks, and limited protection is provided by antivirus solutions. Cyber threat actors can evade standard antivirus solutions, which are signature based, but continuously releasing new malware variants. Acronis says that 81% of malware samples were only seen once, and each malware sample has an average lifespan of just 2.3 days in the wild before it disappears, highlighting the need for antivirus solutions that include behavior-based detection. The United States, Germany, and Brazil were the countries most targeted with malware.

Vulnerabilities in software and operating systems continue to be exploited. There were 12,985 vulnerabilities reported in the first half of the year and 475 are being actively exploited. The study confirmed that managed service providers are increasingly being attacked. An attack on an MSP can give a threat actor access to the networks of all of their clients. 80% of MSPs said they had seen an increase in cyberattacks on their customers in the past 12 months.

Acronis warned that the rapidly changing cyber threat landscape requires multi-layered defenses to be implemented, including anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities, which it says are all provided by its security platform.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news