Acronis, a global company in cyber protection, released its latest cyber threats and trends report for the second half of 2022 which found that phishing and the use of MFA fatigue attacks, an extremely effective method used in high-profile breaches, are on the rise. Conducted by Acronis’ Cyber Protection Operation Center, the report provides an in-depth analysis of the cyber threat landscape including ransomware threats, phishing, malicious websites, software vulnerabilities and a security forecast for 2023.
Notably, the report discovered that phishing and malicious email threats have climbed by 60%, and the average cost of a data breach is anticipated to reach US$5 million by the end of the following year. Social engineering attacks, which made up 3% of all attacks in the last four months, increased, according to the research team that produced the report. Nearly half of the reported breaches in H1 2022 were caused by leaked or stolen credentials, which makes it simple for attackers to conduct cyberattacks and ransomware campaigns.
Candid Wüest, Acronis VP of Cyber Protection Research said “The last few months have proven to be as complex as ever – with new threats constantly emerging and malicious actors continuing to use the same proven playbook for big payouts.”
Wüest added “Organizations must prioritize all-encompassing solutions when looking to mitigate phishing and other hacking attempts in the new year. Attackers are evolving, using some of the tools, like MFA, that we rely on to protect our employees and businesses against us.”
As the Middle East digital landscape expands, effective cybersecurity measures are becoming increasingly crucial due to a rise in data breaches. Security experts predict that the cost of breaches in the Kingdom of Saudi Arabia alone could average around $7 million, with the country experiencing one in every five attacks as ransomware.
With the average cost of ransomware attacks increasing every year, factors such as weak credentials, phishing emails, and unpatched vulnerabilities remain the top cyber-attacking vectors. In the UAE, targeted organizations lost over US$1.4 million in ransomware, forcing over 40% of the impacted companies to shut down. Following this worrying trend, the UAE Cyber Security Council announced the adoption of stringent cybersecurity standards to safeguard the country’s digital space.
South Africa is the sixth-most densely populated region in the world for cybercrime, and the number of victims there increased from 14.1 per million internet users in 2019 to 50.8 in 2020. To efficiently regulate and prosecute cybercrimes, the nation most recently passed its cybersecurity act, which defines cybercrimes in great detail.
Banks, online payment systems, and e-commerce websites were the targets of a large increase in financial phishing efforts in Kenya and Nigeria in the first and second quarters of 2022. Over 61,000 financial phishing assaults were recorded in Nigeria, an increase of 79% from Q1, and Kenya reported over 100,000 financial phishing attacks, a 201% increase from Q1.
As security tactics and the technologies associated with them evolve, so do the threat actors trying to break into organizations and their ecosystems. The constant feed of ransomware, phishing and unpatched vulnerabilities demonstrates how crucial it is for businesses to reevaluate their security strategies.