Leaked or stolen credentials, which allow attackers to easily execute cyberattacks and ransomware campaigns, were the cause of almost half of reported breaches in H1 2022
Latest cyberthreats and trends report for the second half of 2022 released by Acronis found that phishing and the use of MFA fatigue attacks, an extremely effective method used in high-profile breaches are on the rise.
Forcing over 40% of the impacted companies to shut down, targeted organisations in the UAE lost over US$1.4 million in ransomware. To safeguard the country’s digital space, the UAE Cyber Security Council announced the adoption of stringent cybersecurity standards, following the worrying trend.
Conducted by Acronis’ Cyber Protection Operation Center, the report provides an in-depth analysis of the cyberthreat landscape including ransomware threats, phishing, malicious websites, software vulnerabilities and a security forecast for 2023.
Breaches reported in the Kingdom of Saudi Arabia, for example, could reach an average of US$7 million as the country continues to report one out of five attacks to be ransomware, according to security analysts.
Ranked as the sixth-most dense region for cybercrime in the world, cybercrime victims in South Africa surged from 14.1 victims per one million internet users in 2019 to 50.8 victims in 2020. Most recently, the country enacted its cybersecurity act, which clearly defines cybercrimes in a bid to effectively regulate and prosecute them.
In Kenya and Nigeria, financial phishing attempts rose significantly in Q1 and Q2 of 2022 as banks, online payment systems, and e-commerce websites were targeted. In Kenya, over 100,000 financial phishing attacks were detected – a 201% increase compared to Q1 and Nigeria has reported over 61,000 financial phishing attacks, representing an increase of 79% compared to Q1.
Of note, the report found that threats from phishing and malicious emails have increased by 60% and the average data breach cost is expected to reach US$5 million by next year. The research team who authored the report also saw social engineering attacks jump in the last four months, accounting for 3% of all attacks. Leaked or stolen credentials, which allow attackers to easily execute cyberattacks and ransomware campaigns, were the cause of almost half of reported breaches in H1 2022.
“The last few months have proven to be as complex as ever – with new threats constantly emerging and malicious actors continuing to use the same proven playbook for big payouts,” said Candid Wüest, Acronis VP of Cyber Protection Research. “Organisations must prioritise all-encompassing solutions when looking to mitigate phishing and other hacking attempts in the New Year. Attackers are evolving, using some of the tools, like MFA, that we rely on to protect our employees and businesses against us.”
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics