Acronis Cyber Readiness Report shows 53% of companies are left exposed to supply chain attacks

Cyber security from Acronis In the midst of the global pandemic, the company released its annual Cyber Readiness Report, which provides a thorough assessment of the modern cybersecurity landscape and the significant pain problems encountered by enterprises and remote employees throughout the world.

 According to a study conducted by Acronis last year, more than 80% of worldwide firms stated they were not prepared to shift to remote work, highlighting significant weaknesses that businesses must swiftly plan and address.

“The cybercrime industry proved to be a well-oiled machine this year – relying on proven attack techniques, like phishing, malware, DDoS and others. Threat actors are increasingly expanding their targets, while organizations are held back by the growing complexity of IT infrastructure,” says Candid Wuest, Acronis VP of Cyber Protection Research.

He added, “Only a small number of companies have taken the time to modernize their IT stack with integrated data protection and cybersecurity. The threat landscape will continue to grow and  automation is the only path to greater security, lower costs and improved efficiency and reduced risks”.

The research claims that 53 percent of global organisations have a false feeling of security when it comes to supply chain attacks, based on findings from this year’s independent poll of 3,600 IT managers and remote employees at small and medium-sized businesses in 18 countries around the world. Despite the widely publicised attacks on trustworthy software manufacturers such as Kaseya and SolarWinds, more than half of IT executives believe that employing “known, trusted software” provides adequate protection, making them easy targets.

Attacks growing in volume and sophistication

Three out of ten businesses report being targeted by a cyberattack at least once a day, which is similar to last year; however, just 20% of businesses reported not being targeted this year, down from 32% in 2020, indicating that the volume of attacks is increasing.

• The most prevalent attack types hit new highs this year, including phishing attacks, which are still on the rise and now account for 58 percent of all attacks. Malware attacks are also on the rise in 2021, accounting for 36.5 percent of all attacks compared to 22.2 percent in 2020.
• This year, however, was the year of phishing: demand for URL filtering solutions has increased tenfold since 2020, with 20% of worldwide businesses now understanding the threat phishing poses to their operations.
• multi-factor authentication (MFA), nearly half of IT managers (47%) are not using MFA solutions – leaving their businesses exposed to phishing attacks. According to these findings, they either see no value in it or consider it too complex to be implemented.

Organizations all across the world have begun to prepare for the mounting risks, but hackers have already taken three steps for every one that enterprises have taken.

• The demand for antivirus solutions has grown by 30% – from 43% last year to 73.3% in 2021. However, companies are just discovering that standalone antivirus solutions no longer work against modern threats: we saw the demand for an integrated backup/disaster recovery with antivirus solutions more than double – from 19% in 2020 to 47.9% this year.
• Demand for vulnerability assessments and patch management grew significantly: from 26% in 2020 to 45% this year. This can be attributed, in part, to the increased volume of vulnerabilities exposed this year in critical and in-core software deployments such as Microsoft Exchange server, Chrome browsers or Apache web servers.
• Not surprisingly, the demand for better and more secure remote monitoring and management tools grew over three times – 35.7% this year, up from 10% in 2020. With remote work now  being recognized as a long-term default format of work, it’s more important than ever for IT managers to be able to monitor and manage a wide range of remote devices.

We witnessed a surge in use of new services – particularly SaaS and Cloud Computing services – in last year’s Acronis Cyber Readiness Report, and firms are continuing to adopt new solutions this year. However, this has increased the total complexity of IT environments, which will almost certainly result in future breaches and unscheduled downtime.

Remote employees make the most attractive targets

These Acronis findings and external studies show why companies need a cyber protection solution that minimises complexity and enhances security to enable remote work settings, and that this solution must be cost-effective to handle the remote workforce’s growing size.

• One in every four remote employees said that one of the biggest issues they faced this year was a lack of IT help. The top three technological obstacles reported by remote workers around the world are: Wi-Fi connectivity, the use of a VPN and other security measures, and a lack of IT assistance are all issues that need to be addressed.
• One out of every four remote employees does not use multi-factor authentication, making them easy phishing targets in 2021, when phishing is expected to be the most popular attack method.
• On average, one out of every five remote employees is heavily targeted by phishing attempts, receiving well over 20 phishing emails every month – with 71% of respondents indicating that they are targeted monthly. It is critical to learn to recognise such attacks through cybersecurity awareness training in order to keep companies and personal assets safe.
• We’ve observed attackers aggressively broadening their target pool — it’s no longer simply Microsoft Windows-based workloads – with users reporting an increase in attacks on Linux, MacOS, Android, and iOS devices. Attackers are increasingly targeting virtualized environments.

Unfortunately, fraudsters no longer need to be tech-savvy to cause havoc — just look at malware. Cybercriminal gangs have expanded their malware-as-a-service business model, which offers step-by-step instructions on how to profit from compromising targets.

Despite the increasing risks to employees, remote work is here to stay; people will continue to work and hire remotely, and that’s the reality that most IT teams must prepare for: finding a solution to hardware shortages, increased complexity, and a greater need for IT support and modern cybersecurity solutions. Companies must now prepare for an existential crisis, and the costs of failing to do so are high.

Platform with deeper industry insights

Remote work, like increasingly sophisticated cyberattacks, is here to stay. As a result, it is the responsibility of both the organisation and the individual to adhere to the best cyber security measures available.

If you’re interested in learning more about cybersecurity issues and solutions for organisations, don’t miss out on the Acronis #CyberFit Summit World Tour 2021, which launched up on October 25 in Miami, Florida with a hybrid format that included in-person and virtual sessions. Now is the time to register in order to:

• Attend free virtual workshops focused on results and learn from world-class experts who will explain cyber security tactics and deployment alternatives.
• Expert guidance from top IT channel, cybersecurity, and industry professionals can help you improve your MSP’s cyber security skills.
• Hear exclusive case studies from MSPs and MSSPs that have been successful, lucrative, and scaling.
• Learn how to expand your company with cybersecurity-focused services.
• Participate in hands-on, interactive workshops, illuminating panels and breakout sessions, and motivating keynotes – all while networking with other IT channel professionals.