When it comes to cybersecurity, predicting the potential movements of cybercriminals can provide invaluable intelligence. The best way to predict what motivates cybercriminals to target specific institutions or industries is to assess their past actions. The Obrela Resilience Operations Centers have analyzed more than 2,500 TBs of log data for the Annual Digital Universe Report to advise business leaders on the best way to strategies their finances when making meaningful business decisions.
By comparing the data of cyber incidents from 2021 and comparing them to the previous year, you can formulate a picture of the evolving threatscape. This provides valuable data for 2022 as key trends continue to emerge. But what are the key findings from the past 24 months of cybersecurity incidents?
Key findings: Attack landscape:
It will come as no surprise to learn that cybercriminals are notoriously opportunists. They constantly scan businesses for weak points and deploy their entire arsenal against these institutions to gain a foothold. Email attacks have seen the largest increase (50%) in the past year, particularly concerning. The volume of email-based attacks had already increased substantially in the years prior as many businesses opted to operate on a hybrid working model. While many Covid restrictions have been eased, many companies have embraced this ‘new normal’ and continue to work with a dispersed workforce. Businesses that have not adopted email security mechanisms should do so now as there is no sign of this attack vector losing popularity amongst cybercriminals.
Interestingly, the number of malware or ransomware incidents increased by only 1%. Still, the number of this attack vector is already concerningly high following many high-profile events such as the Colonial Pipeline Ransomware incident $4.4 million ransom paid to Russia-linked cybercrime group known as DarkSide. Cybercriminals continue to utilise ransomware for its highly cost-effective methodology, and a ransomware incident could cost you up to $1.85 million.
Industries at risk:
It is no surprise that the banking and finance industry received the most significant increase in attacks (46% rise). This is because of the sheer quantity of valuable data these institutions process and protects daily. The vast wealth of personally identifiable information (PII) and financial data housed within corporate premises presents a honeypot to potential cybercriminals. Similarly, the healthcare industry has been a high-profile target by cybercriminals for years, but the pandemic has exacerbated this. Based on the Annual Digital Universe Report, in 2021, we noticed nearly a 20% increase in targets in the sector. A ransomware incident on a healthcare organization could have life-threatening effects, and cybercriminals are not afraid to get their hands dirty. Furthermore, incidents in the gas and oil sector increased by 16% compared to the previous year. This is perhaps fueled by the success of the ransomware deployed across the Colonial Pipeline.
Cybercriminals will continue to target critical national infrastructure because, in many cases, they have no choice but to cave in to demands. Institutions that operate within these sectors should deploy comprehensive and extensive cybersecurity policies. Failure to do so could lead to diminished brand reputation, incompliance fines or even extortionate ransom payments. Failure to do so would leave countless individuals without the necessary tools to have a good quality of life.
Securing the cloud:
According to the Annual Digital Universe Report, failure to secure the cloud can lead to catastrophic consequences, particularly in industries that process confidential and sensitive information. Corporate and government sectors saw a concerning 106% increase in attacks on their cloud workloads. While there is no evidence suggesting that these are politically motivated attacks, the wealth of data they process presents a lucrative target to a would-be criminal.
Additionally, the energy sector saw a 74% increase in attacks on their cloud services, while ICT services recorded an increase of 69%. However, topping these off is the services industry, with a staggering 159% rise in attacks. Cybercriminals are likely increasing their targeting of the cloud sector overall, and this concerning trend indicates that businesses should ensure that their cloud services are adequately secured.
Locations:
Nearly doubling in the past year as tensions rise with global APT groups such as Russian or Korean speaking cybergangs, Western Europe has become an increasingly lucrative target. The increase in attacks on users in Western Europe rose by 99%. This trend extends further than individual users as attacks on the cloud in western Europe rose by 124% since 2020. This indicates that businesses in Western Europe must ensure adequate cybersecurity measures to prevent a catastrophic cyber-incident. Furthermore, attacks on the cloud have skyrocketed in the Middle East, more than doubling (102% increase) in that area. Additionally, users in Asia should be wary as attacks targeting them have risen sharply by 66% in the past year.
Wherever you operate, regardless of the industry, it is crucial to stay one step ahead of cybercriminals. The data presented in this blog has concerning ramifications if you fail to action the insights provided. It is imperative to ensure security across all facets of your organization, from securing user endpoints to the cloud and everything in between. We understand that this can be a daunting task, particularly for businesses with small IT Security teams. Therefore, we recommend that you partner with a managed security provider (MSP) that can provide you with holistic security against the multitudes of attack vectors facing businesses daily. It only takes one attack to ruin the reputation of an institution. Do not delay.