Acronis has released its Cyberthreats Report Mid-Year 2021 Update, which is an in-depth look at the cyberthreat trends that the company’s experts are keeping an eye on. The study, which was released at this week’s Black Hat 2021 event, where Acronis is a Diamond sponsor, cautions that based on attack trends identified in the first six months of the year, small and medium-sized businesses (SMBs) are particularly vulnerable.
According to the research, 4 out of 5 companies had a cybersecurity breach in the first half of 2021 as a result of a weakness in their third-party vendor ecosystem. At a time when the average cost of a data breach has risen to about $3.56 million, and the average ransomware payment has risen by 33% to more than $100,000, this is a significant increase.
While that would be a significant financial hit for any company, those figures would spell the end for most SMBs, according to Acronis, who sees this as a major concern for the second half of 2021.
“While the increase in attacks affects organizations of all sizes, something that’s under-reported in the coverage of current cyber threat trends is the impact on the small business community,” explained Candid Wüest, Acronis VP of Cyber Protection Research. “Unlike larger corporations, small and medium-sized companies don’t have the money, resources, or staffing expertise needed to counter today’s threats. That’s why they turn to IT service providers – but if those service providers are compromised, those SMBs are at the mercy of the attackers.”
Attackers obtain access to both the MSP firm and all of its clients by using supply-chain assaults against managed service providers (MSPs). One successful assault, as witnessed in the SolarWinds breach last year and the Kaseya VSA attack in early 2021, means they can breach hundreds or thousands of SMBs downstream.
Aside from the high-profile assaults that have dominated the news in recent months, and the concerns Acronis has raised regarding the impact on MSPs and small enterprises, the Acronis Cyberthreats Report Mid-year 2021 also noted:
The Acronis Cyberthreats Report Mid-Year 2021 is based on an analysis of attack and threat data gathered by the company’s global network of Acronis CPOCs, which monitor and analyse cyberthreats 24 hours a day, seven days a week. Malware data was collected by over 250,000 distinct endpoints running Acronis Cyber Protect throughout the world (either as a client of an MSP using Acronis Cyber Protect Cloud or a business running Acronis Cyber Protect 15). The mid-year update includes endpoint attacks discovered between January and June 2021.
The full report delves into the top security/threat trends identified by the CPOCs in the first half of 2021, including a review of malware families and related statistics, a deep dive into ransomware‘s most dangerous groups, the vulnerabilities that contribute to successful attacks, and Acronis’ security recommendations for the rest of 2021 and beyond.