Cyber threats, especially ransomware, have made considerable headlines this year. For example, the German district of Anhalt-Bitterfeld had to declare a state of emergency after a cyberattack paralysed large parts of the administration.
As the mid-2021 Acronis Cyberthreats Report shows, we saw many new developments like the one in Anhalt-Bitterfeld in the first half of the year. When government, healthcare and supply chains are targeted, it clearly shows that all types of businesses are also at significant risk - and that service providers need to respond.
SMEs more at risk
Small and medium-sized enterprises (SMEs) often think they are safe because they would "make too small a target" or because their data is of no value to anyone else. Yet their data is valuable to themselves. They are also more at risk due to the ever-increasing automation of attacks and supply chain attacks on their IT service providers. Cybercriminals prefer to target managed service providers (MSPs) to compromise some or all of their customers at once. Most SMEs rely on their MSP for protection, as a single such incident can spell the end of their business.
In the first six months of 2021, 80 per cent of all businesses experienced a cyber security compromise due to a vulnerability in their third-party ecosystem. During this period, the average cost of a data compromise increased to approximately $3.56 million, and the average ransom payment increased by 33 per cent to $100,000. Such a loss is difficult for any business to bear, but for SMEs it can be fatal.
These are some other key findings from our mid-2021 Acronis Cyberthreats Report:
Data exfiltration continues to rise. Last year, the data of more than 1,300 ransomware victims was made public after an attack. Cybercriminals are doing everything they can to maximise their financial gain, and these tactics increase the pressure on victims to actually pay the ransom. In the first half of 2021, data from more than 1,100 data leaks has already been made public. If this trend continues, we expect a 70 per cent increase by the end of this year compared to 2020.
Home office workers continue to be a prime target. The Covid 19 pandemic led to a fundamental change and the increasing prevalence of remote workplaces. This trend continues. Two-thirds of home office employees now use company-owned devices for private tasks as well as private devices for professional activities. This has not escaped the attention of attackers. Acronis found that the number of global attacks has more than doubled, with brute force attacks on remote machines via the Remote Desktop Protocol (RDP) increasing by 300 per cent.
Phishing attacks are increasing rapidly. Phishing - which relies on social engineering techniques to trick users into opening malicious attachments or clicking on links - increased by 62 per cent from the first to the second quarter. With 94 per cent of malware distributed via email, we are very concerned about this increase. During this period, Acronis blocked more than 393,000 phishing messages and malicious URLs per month, preventing attackers from accessing business-critical data and injecting malware into customer systems.
The mid-2021 Acronis Cyberthreats Report analysed attack and threat data collected by the global CPOC (Acronis Cyber Protection Operations Centers) network, which monitors and investigates cyberthreats around the clock. Malware data was collected from more than 250,000 individual endpoints around the world running Acronis Cyber Protect (either as an MSP customer with Acronis Cyber Protect Cloud or as an enterprise with Acronis Cyber Protect 15). The mid-year update included attacks against endpoints we detected between January and June 2021. You can download your copy of the full mid-2021 Acronis Cyberthreats Report here. (CW)