The latest Cyberthreats Report from cyber protection powerhouse Acronis says that 2021 will see remote workers and managed service providers targeted by cyberattackers, with data exfiltration to outpace data encryption
Like the mafia, cyber criminals have discovered that extortion is a good money maker. Sure, you can demand a ransom to decrypt data, but when you’ve exfiltrated data and hold a company’s Crown Jewels in the form of databases, IP and more, the extortion game just reached a whole new level.
As you can expect from a company that is as thorough, innovative and experienced as Acronis, whose cyber protection solutions are billed as protecting all workloads, applications and systems, for service providers, businesses and individuals, the company’s latest “Cyberthreats Report 2020” is a detailed, in-depth, freely downloadable, 32-page review of the current threat landscape and projections for the coming year.
Based on the protection and security challenges that were amplified by the shift to remote work during the COVID-19 pandemic, Acronis warns 2021 will bring aggressive cybercrime activity as criminals pivot their attacks from data encryption to data exfiltration.
|
|
To me, this sounds like it is taking the ransom in ransomware to a scary new level that is a much greater threat.
Acronis notes that while ransomware continues to be the leading threat, with Maze ransomware accounting for nearly half of all known cases in 2020, the Cyberthreats Report “points to a growing trend of cybercriminals trying to maximize their financial gain”.
Not content to collect ransoms to decrypt infected data, these disgusting, utterly shameless and viciously evil cyber criminals “steal proprietary – and sometimes embarrassing – data before encrypting it”.
Dealing in the dark arts of blackmail and bastardry, they then threaten to publicly release the stolen files if the victim doesn’t pay up.
Acronis’ analysts found evidence that “more than 1,000 companies globally had their data leaked following a ransomware attack in 2020 – a trend that is expected to accelerate in the coming year, overtaking encryption as the criminals’ primary tactic”.
Stas Protassov, Acronis co-founder and Technology President noted that: “More than any year in recent memory, 2020 posed a tremendous number of challenges to IT professionals, organizations, and the service providers who support them.
“What we’ve seen is how quickly bad actors are adjusting their attacks to the new IT landscape. By analysing the activity, attacks, and trends we’ve detected and clearly presenting our findings, we hope to empower our partners and help the IT community at large prepare for the threats on the horizon.”
So, what are the main takeaways of the Acronis Cyberthreats Report?
Among the other notable findings in the Acronis Cyberthreats Report include:
- Attacks against remote workers will increase. While 31% of global companies reported daily cyberattacks in 2020, the frequency of attacks targeting their remote workers is projected to increase in 2021, since the defences for systems outside of the corporate network are more easily compromised, giving bad actors access to that organisation’s data.
- Ransomware will look for new victims, and become more automated. Rather than continuing to cast a wide net, ransomware attackers will focus on targets that provide a bigger return on their efforts. Breaking into one network to steal data from several companies is more profitable than attacking individual organisations. So, while small businesses will still be targeted, cloud environments and organisations like managed service providers will become more valued targets because their systems can provide access to the data of multiple clients.
- Legacy solutions struggle to keep up. Blocking the new malware has rendered traditional anti=malware solutions obsolete, as they cannot keep pace with the increased sophistication and frequency of new threats. The average lifespan of a malware sample in 2020 was just 3.4 days. As attackers continue to utilise automation, the number of malware samples will continue to climb. Organisations will need to find new approaches to protection that are agile and designed to stay ahead of new threats. Simple standalone security and backup solutions will no longer be enough.
Evolving responses to evolving threats
Candid Wüest. the VP of Cyber Protection Research at Acronis and co-author of the report said: “When it comes to existing solutions and strategies, the current trends in cyberattacks all show that traditional cybersecurity is failing – usually because of weak technologies and human error, which are both avoidable.
“Just as cybercriminals are evolving their attacks, organisations need to advance their protection and security. Comprehensive cyber protection solutions offer the integration and automation that eliminate complexity, optimize performance, and streamline recovery when a successful attack inevitably occurs.”
Acronis continues being a true pioneer in cyber protection, which, as the company describes, is “the integration of data protection, cybersecurity, and endpoint management”.
To protect all data, applications and systems, Acronis says its solutions are “designed to address the Five Vectors of Cyber Protection – safety, accessibility, privacy, authenticity, and security (SAPAS)”.
How did Acronis create its Cyberthreats Report 2020?
We’re told the Acronis Cyberthreats Report 2020 is “based on examining attack and threat data collected by the company’s global network of Acronis Cyber Protection Operations Centers (CPOCs), which monitor and research cyberthreats 24/7.
“Malware data was collected by more than 100,000 unique endpoints around the world running Acronis Cyber Protect, which launched in May 2020, and covers attacks targeting endpoints detected between June and October.
“The full report provides in-depth insights into the top security/threat trends the CPOCs observed in 2020, a review of malware families and related statistics, a deep dive into ransomware’s most dangerous groups, the vulnerabilities that contribute to successful attacks, and Acronis’ complete security forecast and recommendations for 2021”.
The report is available to freely download in full after free registration here, and it’s well worth your time to absorb the information – and resolve to learn from the data, so that you and your company will be as immune to extortion and exfiltrated data as is humanly and technologically possible.
Two infographics supplied by Acronis are below.
