Acronis H1 2024 Cyberthreats Report Highlights a 293% Surge in Email Attacks
30 July 2024 - 1:15PM
UK Regulatory
Acronis H1 2024 Cyberthreats Report Highlights a 293% Surge in
Email Attacks
Biannual report reveals global malware data and trends
collected from the first half of the year
SCHAFFHAUSEN, Switzerland, July 30, 2024 (GLOBE
NEWSWIRE) -- Acronis, a global leader
in cybersecurity and data protection, today
shared new research findings from the first half of 2024 in its
biannual cyberthreats report by the Acronis Threat Research Unit.
Titled, “Acronis Cyberthreats Report H1 2024: Email attacks surge
293%, new ransomware groups emerge,” the report leverages over one
million unique Windows endpoints from 15 key countries around the
world to bring awareness to global trends in the cybersecurity
industry. Most notably, the report found that email attacks have
seen a 293% surge when compared to the same period in 2023. The
number of ransomware detections were also on the rise, increasing
32% from Q4 2023 to Q1 2024.
Ransomware continues to be a major threat to small
and medium-sized businesses (SMBs), particularly in critical
industries such as government and healthcare. In Q1 2024, Acronis
observed 10 new ransomware groups who together claimed 84
cyberattacks globally. Among the top 10 most active ransomware
families detected during this time, three highly active groups
stand out as the primary contributors, collectively responsible for
35% of the attacks: LockBit, Black Basta, and PLAY.
In support of Acronis’ mission to tailor business
initiatives to Managed Service Providers (MSPs), the report is
observant of how MSPs are being targeted and compromised. Of note,
attack vectors including phishing and social engineering,
vulnerability exploits, credential compromises, and supply chain
attacks were highlighted as the most successful techniques used to
breach MSPs’ cybersecurity defenses.
“As a result of the increasing volume and
complexities of cyber threats we continue to uncover in the current
cybersecurity landscape, it is of the utmost importance that MSPs
take a holistic approach to securing their customer’s data,
systems, and unique digital infrastructures,” said Irina Artioli,
report author and Cyber Protection Evangelist at Acronis Threat
Research Unit. “To do this effectively, we recommend MSPs adopt a
comprehensive security strategy, including mandating security
awareness trainings and incident response planning, as well as
deploying advanced endpoint protection solutions like extended
detection and response (XDR), multi-factor authentication, and
more.”
Additionally, the report focuses on emerging
cybersecurity trends, highlighting the increasing use of generative
artificial intelligence (AI) and large language models (LLMs) by
threat groups. Specifically, it underscores the growing prevalence
of AI being leveraged in social engineering and automation attacks.
The most common AI-generated attacks that were detected include
malicious emails, deepfake business email compromise (BEC),
deepfake extortions, KYC bypass, and script and malware generation.
Furthermore, Acronis researchers have identified two types of AI
threats. The first involves AI-generated threats, in which malware
is created using AI techniques but does not utilize AI in its
operations. The second is AI-enabled malware, which incorporates AI
into its functionality.
Other key findings from the report include:
Global Threat Landscape:
- Bahrain, Egypt, and South Korea were the top countries targeted
by malware attacks in Q1 2024.
- 28 million URLs were blocked at the endpoint in Q1 2024.
- 27.6 % of all received emails were spam and 1.5% contained
malware or phishing links.
- The average lifespan of a malware sample in the wild is 2.3
days.
- 1,048 cases of ransomware were
publicly reported in Q1 2024, a 23% increase over Q1 2023.
Cybersecurity Trends in H1
2024:
- Ransomware
continues to be a major threat to SMBs, and ransomware groups have
abused vulnerable drivers to get a foothold in systems and disable
security tools.
- In the first
quarter of 2024, PowerShell was the most frequently detected MITRE
technique.
- The number of
email attacks detected in H1 2024 surged by 293% compared to the
first half of 2023.
Ransomware Trends:
- In Q1 2024, Acronis researchers
observed 10 new ransomware groups that together claimed 84
cyberattacks globally.
- The number of ransomware detections
increased 32% from Q4 2023 to Q1 2024.
Attacks on MSPs:
- MSPs were under consistent attack
from January to May 2024, with data revealing email phishing
campaigns were the most used by attackers.
- The top five most frequently
discovered MITRE ATT&CK techniques in the first half of the
year included PowerShell, Windows Management Instrumentation,
Process Injection, Data Manipulation and Account Discovery.
Phishing and email attacks:
- Organizations experienced a surge in
email communications, with the number of emails per organization
increasing by 25%.
- The rise in email volume coincided
with a 47% increase in email attacks targeting organizations.
- 26% of users encountered phishing
attempts through malicious URLs.
- Social engineering increased 5%
since H1 2023; however, malware attacks decreased from 11% in H1
2023 to 4% in H1 2024.
Leveraging AI:
- Cybercriminals continue to leverage
malicious AI tools like WormGPT and FraudGPT.
- While AI can assist attackers at
every stage of the cyberattack kill chain, it can also be used as a
defense mechanism as it allows for around the clock detection of
attacks and reports them to experts to take appropriate response
actions to ensure smooth business continuity.
The Acronis H1 2024 Cyberthreats Report is curated
by Acronis Threat Research Unit and includes data surrounding
ransomware threats, phishing, malicious websites and software
vulnerabilities, and tips on how to protect against the
aforementioned threats. Released bi-annually, the Acronis
Cyberthreats Report sets the industry standard by consistently
establishing itself as a benchmark for cybersecurity intelligence.
Acronis’ analysis of the current cyber threat landscape is
published for the benefit of its users, partners, and the broader,
global cybersecurity community to help them stay abreast of ongoing
cybersecurity developments.
For more information, download a copy of the full
Acronis H1 2024 Cyberthreats Report here:
https://www.acronis.com/en-us/resource-center/resource/acronis-cyberthreats-report-h1-2024/
To learn more about the report and its findings,
visit the Acronis blog here:
https://www.acronis.com/en-us/blog/posts/acronis-cyberthreats-report-h1-2024-breaking-down-key-findings-from-the-report
Visit www.acronis.com for information
about Acronis solutions that help combat security challenges like
these – including the new, groundbreaking native integration
of Acronis Advanced Security + XDR.
About Acronis:
Acronis is a global cyber protection company that provides natively
integrated cybersecurity, data protection, and endpoint
management for managed service providers (MSPs), small and medium
businesses (SMBs), and enterprise IT departments. Acronis solutions
are highly efficient and designed to identify, prevent, detect,
respond, remediate, and recover from modern cyberthreats with
minimal downtime, ensuring data integrity and business continuity.
Acronis offers the most comprehensive security solution on the
market for MSPs with its unique ability to meet the needs of
diverse and distributed IT environments.
A Swiss company founded in Singapore in 2003,
Acronis has 15 offices worldwide and employees in 50+ countries.
Acronis Cyber Protect is available in 26 languages in 150 countries
and is used by over 20,000 service providers to protect over
750,000 businesses. Learn more at www.acronis.com.
Media Contact:
Cassandra Faro
781 782 9000
cassandra.faro@acronis.com
A photo accompanying this announcement is available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/066bd187-9059-4147-8dd0-2d2a9686eca3