Curated by THEOUTPOST
On Wed, 31 Jul, 8:02 AM UTC
2 Sources
[1]
Acronis Cyberthreats Report H1 2024: Breaking down key findings from the report
With mounting responsibilities and skills shortages, IT professionals are overburdened, making a threat more likely to slip past their defenses. To complicate things further, cybercriminals now have a helping hand from AI, which helps them operationalize and automate sophisticated attacks. The newly released Acronis Cyberthreats Report, H1 2024 details these and other challenges for businesses across the globe. In this report, we explore new ransomware groups, changes in ransomware patterns, emerging attacks on collaboration apps and developments in AI threats. Key findings from the report: Bahrain, Egypt and South Korea were the most targeted countries in malware attacks in Q1 2024.Nearly 28 million URLs were blocked at the endpoint by Acronis in Q1 2024, a 3% increase over Q4 2023.27.6 % of all received emails were spam -- 1.5% contained malware or phishing links.Each malware sample lived an average of 2.3 days in the wild before it disappeared -- 82% of samples were seen only once.There were 1,048 publicly reported ransomware cases in Q1 2024, a 23% increase over Q1 2023.Three highly active groups were the primary contributors to ransomware attacks, collectively responsible for about 35% of the attacks.LockBit accounted for 20% of ransomware attacks, followed by Black Basta and PLAY, with 7.1% and 7.0% respectively. LockBit was taken down a peg, but ransomware gangs persist Acronis observed a 5% increase in the number of new malware samples in the wild since Q4 of 2023. When we zero in on ransomware, the first few months of 2024 were dominated by LockBit, Play, 8Base, BlackBasta and Hunters International, the most active ransomware gang. These all-too-familiar groups continue to wreak havoc on organizations worldwide. Ransomware activity continues to climb year over year, but the data reveals a 46% decrease in ransom payments in H1. This decline is a promising sign of increased cyber resilience throughout organizations and improved security efforts within private and public entities. Despite ransomware attacks being easier to launch, profitability was hindered. In another win, the U.K.'s National Crime Agency (NCA) made monumental progress in the battle against LockBit ransomware. With the support of Europol, the NCA led Operation Cronos. The months-long stint resulted in overtaking LockBit's primary platform and critical infrastructure, including 34 servers across the Netherlands, Germany, Finland, France, Switzerland, Australia, the U.S. and U.K. However, LockBit reemerged and reengaged in cybercrime despite the arrests of some key LockBit criminals. While ransomware payments decreased and ransomware operations were significantly disrupted, daily ransomware detections increased 32% from Q4 2023 to Q1 2024. Additionally, 10 new ransomware groups emerged in Q1 2024: Mogilevich (7)RansomHub (22)dAn0n (8)DarkVault (14)Red (12)Trisec (3)Slug (1)MyData (9)Embargo (5)BlackOut (3) Phishing remains the top threat, but malware is the #1 threat to collaboration apps Organizations experienced a significant surge in email communications in H1, with the number of emails per organization increasing by 25%. This rise in email volume has been paralleled by a concerning 47% increase in email attacks targeting these organizations. Among the attacks, 26% of users encountered phishing attempts through malicious URLs, demonstrating cybercriminals' continued reliance on what is still the #1 attack type. Additionally, 13% of users received malware via email, highlighting the diverse methods attackers employ to compromise systems and steal sensitive information. Finally, social engineering increased 5% since H1 2023, while malware attacks decreased from 11% in H1 2023 to 4% in H1 2024. As more companies rely on collaboration apps like Microsoft 365, attacks within those applications, including Microsoft Teams, is on the rise. While phishing is a popular method of attack in collaboration apps (20%), 82% of attacks in H1 were malware-based attacks. Generative AI in cybercrime became clearer The misuse of generative AI and large language models (LLMs) played a role in perpetuating attacks throughout H1. We wanted to make a clear distinction to help security-focused organizations better understand AI-powered attacks. The Acronis Cyberthreats Report, H1 2024 defines two types of AI threats that are commonly used synonymously: AI-generated threats and AI-enabled malware. The term "AI-generated threats" is tossed around in headlines and the cybersecurity community. At Acronis, we want to put emphasis on the "generated" portion. These are the malware and threats that are created using AI techniques but do not incorporate AI in their operations. In this case, AI is solely a tool used for malware and threat creation. When it comes to "AI-enabled malware," the phrase is more complex. We define this as malware that integrates AI within its functionality. It may contain a complete AI model, such as an LLM, but more commonly, it communicates with a backend AI model for logic. AI-enabled malware threats can adapt to their environment and modify their behavior. The report covers six popular AI-generated attacks that we observed, including malicious emails, deepfakes used in business email compromise, deepfake extortions, KYC bypassing, script generations and malware generation. The Acronis Cyber Protect Operation Centers team also shares practical recommendations for MSPs and businesses based on report findings. Experts recommend: A reemphasis on security awareness training and solution consolidation Educating MSP and business employees on cybersecurity best practices has proven to be effective against the prolific threat landscape. As we saw a noticeable dip in ransomware profitability, improved security awareness and enhanced measures may have contributed to this accomplishment. Both human-led efforts and cybersecurity technologies are equal parts of the cyber resilience equation. On one hand, security awareness training enables employees to recognize and report phishing attempts, social engineering tactics and suspicious activity. On the other, reinforcing security measures not only involves investing in cutting-edge technologies but also taking an integrated approach to cybersecurity and data protection to augment IT management, efficiency and performance -- and reduce costs and compatibility issues. With integrated solutions such as Acronis XDR, MSPs can make their security offering more competitive while boosting visibility and protection across attack surfaces. Download the report to uncover the top cybersecurity threats and trends from H1 2024. Infographics_Cyberthreats_report_2024_240716 Report-Acronis-Cyberthreats-H1-2024-Summary-EN-US-240716
[2]
Acronis H1 2024 Cyberthreats Report Highlights a 293% Surge in Email Attacks
Biannual report reveals global malware data and trends collected from the first half of the year Acronis, a global leader in cybersecurity and data protection, today shared new research findings from the first half of 2024 in its biannual cyberthreats report by Acronis Threat Research Unit. Titled, "Acronis Cyberthreats Report H1 2024: Email attacks surge 293%, new ransomware groups emerge," the report leverages over one million unique Windows endpoints from 15 key countries around the world to bring awareness to global trends in the cybersecurity industry. Most notably, the report found that email attacks have seen a 293% surge when compared to the same period in 2023. The number of ransomware detections were also on the rise, increasing 32% from Q4 2023 to Q1 2024. Ransomware continues to be a major threat to small and medium-sized businesses (SMBs), particularly in critical industries such as government and healthcare. In Q1 2024, Acronis observed 10 new ransomware groups who together claimed 84 cyberattacks globally. Among the top 10 most active ransomware families detected during this time, three highly active groups stand out as the primary contributors, collectively responsible for 35% of the attacks: LockBit, Black Basta, and PLAY. In support of Acronis' mission to tailor business initiatives to Managed Service Providers (MSPs), the report is observant of how MSPs are being targeted and compromised. Of note, attack vectors including phishing and social engineering, vulnerability exploits, credential compromises, and supply chain attacks were highlighted as the most successful techniques used to breach MSPs' cybersecurity defenses. "As a result of the increasing volume and complexities of cyber threats we continue to uncover in the current cybersecurity landscape, it is of the utmost importance that MSPs take a holistic approach to securing their customer's data, systems, and unique digital infrastructures," said Irina Artioli, report author and Cyber Protection Evangelist at Acronis Threat Research Unit. "To do this effectively, we recommend MSPs adopt a comprehensive security strategy, including mandating security awareness trainings and incident response planning, as well as deploying advanced endpoint protection solutions like extended detection and response (XDR), multi-factor authentication, and more." Additionally, the report focuses on emerging cybersecurity trends, highlighting the increasing use of generative artificial intelligence (AI) and large language models (LLMs) by threat groups. Specifically, it underscores the growing prevalence of AI being leveraged in social engineering and automation attacks. The most common AI-generated attacks that were detected include malicious emails, deepfake business email compromise (BEC), deepfake extortions, KYC bypass, and script and malware generation. Furthermore, Acronis researchers have identified two types of AI threats. The first involves AI-generated threats, in which malware is created using AI techniques but does not utilize AI in its operations. The second is AI-enabled malware, which incorporates AI into its functionality. Other key findings from the report include: Global Threat Landscape: Bahrain, Egypt, and South Korea were the top countries targeted by malware attacks in Q1 2024.28 million URLs were blocked at the endpoint in Q1 2024.27.6 % of all received emails were spam and 1.5% contained malware or phishing links.The average lifespan of a malware sample in the wild is 2.3 days.1,048 cases of ransomware were publicly reported in Q1 2024, a 23% increase over Q1 2023. Cybersecurity Trends in H1 2024: Ransomware continues to be a major threat to SMBs, and ransomware groups have abused vulnerable drivers to get a foothold in systems and disable security tools.In the first quarter of 2024, PowerShell was the most frequently detected MITRE technique.The number of email attacks detected in H1 2024 surged by 293% compared to the first half of 2023. Ransomware Trends: In Q1 2024, Acronis researchers observed 10 new ransomware groups that together claimed 84 cyberattacks globally.The number of ransomware detections increased 32% from Q4 2023 to Q1 2024. Attacks on MSPs: MSPs were under consistent attack from January to May 2024, with data revealing email phishing campaigns were the most used by attackers.The top five most frequently discovered MITRE ATT&CK techniques in the first half of the year included PowerShell, Windows Management Instrumentation, Process Injection, Data Manipulation and Account Discovery. Phishing and email attacks: Organizations experienced a surge in email communications, with the number of emails per organization increasing by 25%.The rise in email volume coincided with a 47% increase in email attacks targeting organizations.26% of users encountered phishing attempts through malicious URLs.Social engineering increased 5% since H1 2023; however, malware attacks decreased from 11% in H1 2023 to 4% in H1 2024. Leveraging AI: Cybercriminals continue to leverage malicious AI tools like WormGPT and FraudGPT.While AI can assist attackers at every stage of the cyberattack kill chain, it can also be used as a defense mechanism as it allows for around the clock detection of attacks and reports them to experts to take appropriate response actions to ensure smooth business continuity. The Acronis H1 2024 Cyberthreats Report is curated by Acronis Threat Research Unit and includes data surrounding ransomware threats, phishing, malicious websites and software vulnerabilities, and tips on how to protect against the aforementioned threats. Released bi-annually, the Acronis Cyberthreats Report sets the industry standard by consistently establishing itself as a benchmark for cybersecurity intelligence. Acronis' analysis of the current cyber threat landscape is published for the benefit of its users, partners, and the broader, global cybersecurity community to help them stay abreast of ongoing cybersecurity developments. For more information, download a copy of the full Acronis H1 2024 Cyberthreats Report here: https://www.acronis.com/en-us/resource-center/resource/acronis-cyberthreats-report-h1-2024/ To learn more about the report and its findings, visit the Acronis blog here: https://www.acronis.com/en-us/blog/posts/acronis-cyberthreats-report-h1-2024-breaking-down-key-findings-from-the-report Visit www.acronis.com for information about Acronis solutions that help combat security challenges like these - including the new, groundbreaking native integration of Acronis Advanced Security + XDR. About Acronis: Acronis is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), and enterprise IT departments. Acronis solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyberthreats with minimal downtime, ensuring data integrity and business continuity. Acronis offers the most comprehensive security solution on the market for MSPs with its unique ability to meet the needs of diverse and distributed IT environments. A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses. Learn more at www.acronis.com.
Share
Share
Copy Link
Acronis' latest cybersecurity report reveals a staggering 293% increase in email attacks and highlights the growing threat of AI-powered cyberattacks. The report emphasizes the need for enhanced cybersecurity measures in an evolving threat landscape.
The Acronis Cyberthreats Report for the first half of 2024 has unveiled a startling 293% surge in email-based cyberattacks compared to the previous year. This dramatic increase underscores the growing sophistication and frequency of threats targeting businesses and individuals through one of the most common communication channels 1.
The report highlights a significant trend in the cybersecurity landscape: the increasing use of artificial intelligence (AI) in cyberattacks. Cybercriminals are leveraging AI to enhance their attack strategies, making them more difficult to detect and defend against. This development poses new challenges for cybersecurity professionals and emphasizes the need for advanced, AI-driven security solutions 2.
Phishing continues to be a major concern, with the report noting that it remains one of the most prevalent and effective attack vectors. Cybercriminals are using increasingly sophisticated phishing techniques, often combining them with social engineering tactics to deceive victims and gain unauthorized access to sensitive information 1.
The Acronis report also sheds light on the evolving ransomware landscape. While the overall number of ransomware attacks has shown some fluctuation, the impact and sophistication of these attacks continue to grow. Cybercriminals are now targeting specific industries and organizations, often employing double-extortion tactics that involve both data encryption and theft 2.
Despite advancements in cybersecurity technologies, human error remains a significant factor in successful cyberattacks. The report emphasizes the importance of comprehensive cybersecurity training and awareness programs for employees at all levels of an organization. By addressing the human element, companies can significantly reduce their vulnerability to various cyber threats 1.
In light of these findings, Acronis recommends a multi-layered approach to cybersecurity. This includes implementing robust email filtering systems, leveraging AI-powered threat detection tools, regularly updating and patching software, and maintaining comprehensive backup and recovery solutions. The report also stresses the importance of adopting a proactive stance towards cybersecurity, rather than relying solely on reactive measures 2.
Reference
Recent reports from Trend Micro and Zscaler reveal India's growing vulnerability to cyber threats, ranking high globally in email, ransomware, and malware attacks. Key sectors like manufacturing, banking, and government face significant risks.
2 Sources
2 Sources
Secureworks' 2024 State of the Threat Report reveals a significant rise in ransomware groups, changes in attack strategies, and the increasing use of AI in cybercrime, highlighting new challenges for cybersecurity.
2 Sources
2 Sources
A new Cloudflare survey highlights the growing threat of AI-enhanced cyberattacks in Asia Pacific, with 87% of cybersecurity leaders expressing concern about AI increasing the sophistication of data breaches.
2 Sources
2 Sources
As AI-driven cyber threats evolve, organizations are turning to advanced technologies and zero-trust frameworks to protect identities and secure endpoints. This shift marks a new era in cybersecurity, where AI is both a threat and a critical defense mechanism.
2 Sources
2 Sources
As AI transforms the cybersecurity landscape, organizations are adopting AI-driven tools to defend against increasingly sophisticated AI-powered attacks. This article explores the challenges and strategies in this evolving cyber arms race.
3 Sources
3 Sources
The Outpost is a comprehensive collection of curated artificial intelligence software tools that cater to the needs of small business owners, bloggers, artists, musicians, entrepreneurs, marketers, writers, and researchers.
© 2025 TheOutpost.AI All rights reserved