Big Hits in the World of Cyberattacks

Big Hits in the World of Cyberattacks

Rustom Hiramaneck, Country Head, South Asia, Acronis, 0

Rustom possesses more than three decades of professional experience. Prior to joining Acronis in 2017, he has worked with companies such as TechProcess Payment Services, and Microland Ltd

Modern cyberattacks, data leaks, and ransomware outbreaks all show the same thing: the current approach to cybersecurity is failing. This failure results from weak technologies, heightened complexity, and human mistakes caused by clever social engineering tactics.
Below is the threat landscape encountered by Acronis in the first half of 2023, representing a global outlook.

The top security and threat trends that were observed in the first half of 2023 were

Ransomware variants continue to fall, but businesses are still losing data and money.
Ransomware gangs are still breaching companies around the globe fairly easily and continue to make malicious use of popular legitimate tools. Three highly active groups are the primary contributors, responsible for about 57 percent of the attacks. Among these groups, LockBit takes the lead, accounting for 34.6 percent of attacks, followed by Clop with 13.1 percent and ALPHV/BlackCat with 9.1 percent.

Phishing and malicious emails remain the main vectors of infection.
The number of email-based attacks seen thus far in 2023 has experienced a staggering 464 percent surge compared to the first half of 2022. Also, when
considering the attacks per organization within the same time frame, there has been a notable increase of 24 percent. One out of 76, or 1.3 percent, received malicious emails. Phishing remains the number one threat, with these attacks making up 73 percent.

Data breaches continue to dominate.
Data breaches are often associated with ransomware attacks, but this is not the only way they come about. Lots of data are silently exfiltrated during attacks, and it is only later that that data is being sold on the dark web or underground forums that were discovered. For example, a new information stealer dubbed SYS01stealer emerged in Q1 2023. It targets critical government infrastructure employees and manufacturing companies, among other sectors.

It should be no surprise that cybercriminals are also experimenting with this new generation of AI and using it to optimize their attacks

Generative AI—ChatGPT and others in cybercrime
It should be no surprise that cybercriminals are also experimenting with this new generation of AI and using it to optimize their attacks. Cybercriminals aim to maximize their profit by using AI to create, automate, scale, and improve new attacks through active learning.

In conclusion, ransomware continues to threaten large and medium-sized businesses, including government, healthcare, and other critical organizations.
Data stealers are the second most prevalent threat, causing the majority of data breaches along with the traditional usage of stolen credentials.
ChatGPT and similar generative AI systems are already used to conduct cyberattacks and create malicious content.
In the first quarter of 2023, over 60,000 customers reported being impacted by supply-chain attacks.
The number of email attacks seen in 2023 has surged by a staggering 464 percent compared to the first half of 2022.