According to the Mid-Year Cyberthreat Report, published on August 24th, by Acronis, a Switzerland-based cybersecurity company, nearly half of breaches during the first six months of 2022 involved stolen credentials.
The goal of stealing credentials is to launch ransomware attacks. According to the report, this “continue to be the number one threat to large and medium-sized businesses, including government organizations.”
Attackers usually use phishing techniques to extract these credentials. In the first half of the year, over 600 malicious email campaigns made their way across the internet, of which 58% of the emails were phishing attempts and 28% featured malware.
Acronis also added that “as reliance on the cloud increases, attackers have homed in on different entryways to cloud-based networks.”
Additionally, cybercriminals now also target unpatched or software vulnerabilities to extract data, with a recent increase on Linux operating systems and managed service providers (MSPs) and their network of SMB customers.
The third vector spotted by Acronis was “non-traditional entry avenues” such as cryptocurrencies and decentralised finance (DeFi) systems.
“Ransomware is worsening, even more so than we predicted,” warns the cybersecurity firm. Conti and Lapsus gangs are the prime targets for international security services. It is expected that global ransomware damages will exceed $30bn by 2023.
The reported stated, “increasing complexity in IT continues to lead to breaches and compromises highlighting the need for more holistic approaches to cyber-protection. […] The current cybersecurity threat landscape requires a multi-layered solution that combines anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities all in one place.