Digital transformation has ushered in a new age of cybercrime and a new breed of cybercriminals that are faster and more sophisticated, with an abundance of devices and applications at their fingertips. Opportunities for malicious cyberattacks have risen since the beginning of the COVID-19 pandemic and continue thanks to the widespread adoption of remote work. According to Cybersecurity Ventures, cybercrime damages reached $6 trillion globally in 2021, as the average cost of data breaches rose from $3.9 million to $4.2 million, the highest average total in the past 17 years.
While cybercrimes of all kinds have been increasing in volume and sophistication, ransomware is quickly becoming an Achilles heel for many organizations. Ransomware is a form of malware that is installed covertly on a system and executes a crypto virology attack that locks or encrypts files on the network. Once in, malicious actors may also move laterally within an organization's network, infect endpoints and servers, and demand a ransom to restore access to a company's own data.
However, what truly makes ransomware so detrimental to enterprises is not only the way it infiltrates a company, but how severe the damages of a ransomware breach or hack can be. The FBI estimates ransom payments per year exceed $1 billion.
October is Cybersecurity month, an annual initiative started by U.S. federal government agencies in 2004 that provides an opportunity to put renewed attention on cybersecurity and the IT vendors doing innovative work in the field. Acronis, a software development and cybersecurity company, recently published a mid-year cyberthreat report conducted by the Acronis Cyber Protection Operation Centers.
The report details how ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations and underscores the need for more holistic approaches to cybersecurity.
To extract credentials and other sensitive information, cybercriminals use phishing and malicious emails as their preferred infection vectors. The Acronis report explains that nearly one percent of all email contains malicious links or files, and more than one quarter (26.5%) of the email was delivered to the user's inbox and then removed by Acronis email security.
The report also found that ransomware is worsening. The Conti cybergang demanded $10 million in ransom from the Costa Rican government and has published much of the 672 GB of data it stole. The U.S. State Department is offering up to $15 million for information about the leadership and co-conspirators of Conti.
According to the Acronis report, the use of phishing, malicious email and websites, and malware also continues to grow. Six hundred malicious email campaigns made their way across the internet in the first half of 2022. More than half of the emails were phishing attempts, while another 28% of those emails featured malware.
"This comprehensive research report is required reading for MSPs who are increasingly entrusted with the protection of their customers' data, network, and applications," said Scott Chasin, Chief Technology Officer of Pax8, which bring solutions, including Acronis, to MSPs through its cloud marketplace. "The report goes into detail about how cybercriminals use malware and target unpatched software vulnerabilities to extract data and hold organizations hostage, addressing one of the most pervasive types of attacks. We are committed to ongoing education on cybersecurity issues, during Cybersecurity Awareness Month and throughout the year. Businesses of all sizes cannot afford to ignore growing risks. One attack can bring an entire business down — whether through malicious activity to steal data to use or to hold businesses hostage."
Further complicating the cybersecurity threat landscape is the proliferation of attacks on nontraditional entry avenues. Attackers have made cryptocurrencies and decentralized finance systems a priority of late. Successful breaches using these various routes have resulted in the loss of billions of dollars and terabytes of exposed data.
These attacks can be launched due to overcomplexity in IT, a common problem as many tech leaders assume more vendors and programs lead to improved security when the opposite is true. Increased complexity exposes more surface area and gaps to potential attackers, keeping organizations vulnerable to potentially devastating damage.
"Today's cyberthreats are constantly evolving and evading traditional security measures," said Candid Wüest, Acronis VP of Cyber Protection Research. "Organizations of all sizes need a holistic approach to cybersecurity that integrates everything from anti-malware to email security and vulnerability assessment capabilities. Cybercriminals are becoming too sophisticated and the results of attacks too dire to leave it to single-layered approaches and point solutions."
Also known as a multi-layered cybersecurity defense, it encompasses overlapping safeguards, limited access points, end-user training, and perimeter defenses. Essentially, MSPs need to become digital fortresses with multiple layers of proactive protection that serve to monitor, detect, alert, and prevent the onslaught of cyberattacks.
A holistic operational view of cybersecurity through more integrated, automated, data-driven risk modeling software offers a wide array of advantages for an enterprise. For example, continuous digital monitoring of risk exposure flags emerging and escalating threats facilitating faster, more proactive responses to attacks.
Today, most attacks take the form of malware and phishing, which are methods of intrusion that thrive on the negligence and mistakes of those they target. A multi-layered security system can protect computer systems and those using them from unauthorized access by employing a combination of defense components. Taking these steps toward a holistic cybersecurity approach can be an enterprise's first step toward bolstering its defenses and avoiding ransomware and other cyberattack forms.
Edited by Erik Linask