Cybercriminals narrow their focus on SMBs: Cyberthreat report by Acronis

Featured Article

Acronis has released its Cyberthreats Report Mid-Year 2021 Update, which is an in-depth look at the cyberthreat trends that the company’s experts are keeping an eye on. The study, which was released at this week’s Black Hat 2021 event, where Acronis is a Diamond sponsor, cautions that based on attack trends identified in the first six months of the year, small and medium-sized businesses (SMBs) are particularly vulnerable.

According to the research, 4 out of 5 companies had a cybersecurity breach in the first half of 2021 as a result of a weakness in their third-party vendor ecosystem. At a time when the average cost of a data breach has risen to about $3.56 million, and the average ransomware payment has risen by 33% to more than $100,000, this is a significant increase.

While that would be a significant financial hit for any company, those figures would spell the end for most SMBs, according to Acronis, who sees this as a major concern for the second half of 2021.

“While the increase in attacks affects organizations of all sizes, something that’s under-reported in the coverage of current cyber threat trends is the impact on the small business community,” explained Candid Wüest, Acronis VP of Cyber Protection Research. “Unlike larger corporations, small and medium-sized companies don’t have the money, resources, or staffing expertise needed to counter today’s threats. That’s why they turn to IT service providers – but if those service providers are compromised, those SMBs are at the mercy of the attackers.”

Attackers obtain access to both the MSP firm and all of its clients by using supply-chain assaults against managed service providers (MSPs). One successful assault, as witnessed in the SolarWinds breach last year and the Kaseya VSA attack in early 2021, means they can breach hundreds or thousands of SMBs downstream.

Additional takeaways at the mid-year mark

Acronis-Report-2021 - techxmedia.

Aside from the high-profile assaults that have dominated the news in recent months, and the concerns Acronis has raised regarding the impact on MSPs and small enterprises, the Acronis Cyberthreats Report Mid-year 2021 also noted:

  • Phishing attacks are rampant. Phishing emails increased 62 percent from Q1 to Q2 by using social engineering tactics to mislead naïve users into downloading harmful files or links. This increase is especially concerning because email is used to distribute 94 percent of viruses. During the same time period, Acronis blocked over 393,000 phishing and harmful URLs for clients, preventing attackers from accessing sensitive data and infecting the client’s machine with malware.
  • Data exfiltration continues to increase. As hackers try to maximise the financial benefit from successful events, more than 1,300 victims of ransomware had their data publicly exposed during an assault in 2020. More than 1,100 data leaks have already been disclosed in the first half of 2021, indicating a 70 percent rise for the year.
  • Remote workers continue to be a prime target. In the aftermath of the COVID-19 epidemic, companies continue to rely on remote employees. Two-thirds of remote employees now use personal home gadgets for personal duties and work devices for business. As a result, attackers have begun investigating remote employees on a regular basis. Acronis saw a 300 percent rise in brute-force assaults against remote workstations through RDP, with more than double the amount of worldwide intrusions.
  • Creating the Acronis Cyberthreats Report Mid-year 2021

The Acronis Cyberthreats Report Mid-Year 2021 is based on an analysis of attack and threat data gathered by the company’s global network of Acronis CPOCs, which monitor and analyse cyberthreats 24 hours a day, seven days a week. Malware data was collected by over 250,000 distinct endpoints running Acronis Cyber Protect throughout the world (either as a client of an MSP using Acronis Cyber Protect Cloud or a business running Acronis Cyber Protect 15). The mid-year update includes endpoint attacks discovered between January and June 2021.

  The full report delves into the top security/threat trends identified by the CPOCs in the first half of 2021, including a review of malware families and related statistics, a deep dive into ransomware‘s most dangerous groups, the vulnerabilities that contribute to successful attacks, and Acronis’ security recommendations for the rest of 2021 and beyond.


Leave a Reply

Your email address will not be published. Required fields are marked *