Acronis has kicked off its #CyberFit Summit Dubai — the third stop in the Acronis World Tour, an ongoing industry event series dedicated to bringing cyber protection to businesses everywhere.
Marking the start of the event, the company has released its annual Acronis Cyberthreats Report 2022, an in-depth review of cybersecurity trends and threats worldwide.
The Acronis Cyberthreats Report revealed that managed service providers (MSPs) are particularly at risk — having more of their own management tools, such as PSA or RMM, used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks. “
Supply-chain attacks on MSPs are particularly devastating since attackers gain access to both their business and clients — as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021, one successful attack means crippling hundreds or thousands of SMBs.
The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked — as opposed to 32% last year — indicating that attacks are increasing in frequency across the board.
“The cybercrime industry is a well-oiled machine, using cloud and machine intelligence to scale and automate their operations. While the threat landscape continues to grow, we see that the main attack vectors stay the same — and they still work,” said Candid Wuest, Acronis VP of Cyber Protection Research. “While the attack surface is growing and 2022 will surely bring us surprises, cyber protection automation remains the only path to greater security, reduced risks, lower costs, and improved efficiency.”
Beyond the growing efficiency of cybercriminals and the impact on MSPs and small businesses, the Acronis Cyberthreats Report 2022 also highlighted that phishing remains the main attack vector with 94% of malware being delivered by email — using social engineering techniques to trick users into opening malicious attachments or links, phishing has been topping the charts even before the pandemic.
Acronis highlighted that this attack still continues to grow rapidly: just this year, it reported blocking 23% more phishing emails and 40% more malware emails in Q3, as compared with Q2 of the same year.
The report also showed that phishing actors develop new tricks, moving to new messengers. Now targeting OAuth and multifactor authentication tools (MFA), these new tricks allow criminals to take over accounts. To bypass common anti-phishing tools, they will use text messages, Slack, Teams chats and other tools for attacks such as business email compromise (BEC). One recent example of such an attack was the infamous hijacking of the FBI’s own email service, which was compromised and started sending spam emails in November 2021.
Next, it revealed that ransomware is still the #1 threat — to big companies and SMBs alike. High-value targets include the public sector, healthcare, manufacturing, and other critical organisations. But despite some recent arrests, ransomware continues to be one of the most profitable cyber attacks these days. Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
Finally, the Acronis Cyberthreats Report found that cryptocurrency is among the attackers’ favourite playing cards. Info stealers and malware that swaps digital wallet addresses are the reality today. We can expect more such attacks waged directly against smart contracts in 2022 — attacking the programs at the heart of cryptocurrencies. Attacks against Web 3.0 apps will also occur more frequently, and new and increasingly sophisticated attacks, such as flash loan attacks, will allow attackers to drain millions of dollars from cryptocurrency pools.
Growing need for cyber protection in MEA: two data centres opening
Overall, in terms of cybersecurity, this year was the worst on record; not just for many organizations, but for many countries as well — including the UAE, a country now pushing to fight the global “cyber pandemic.” And despite their best effort, as Acronis’ own recent survey shows, 25% of people in UAE still do not use any cyber protection tools.
Malware attacks remain a global phenomenon, and every country has to fight it. In terms of blocked ransomware attacks: the UAE ranked 33rd globally, responsible for 0.3% of all global detections — a 63% increase from October 2021.
According to Acronis, while ransomware attacks are clearly on the rise in MEA, the high malware detection rates could mean that countries are paying more attention to cyber protection by upgrading their detection capabilities.
The company is also using the Acronis #CyberFit Summit to pre-announce the opening of two data centers in Africa — Nigeria and South Africa — opening in Q2 2022, helping to fulfill the company’s ongoing plan of building 110 data centres worldwide within two years.
The Acronis #CyberFit Summit taking place as a hybrid event in Dubai, UAE on December 8th─9th aims to help local organisations and citizens build up their cyber defences.
