cyber trends
Ransomware continues to worsen :
• Ransomware continues to be the number one threat to enterprises and businesses including government , healthcare and organisations in other sectors .
• Each month in the second half of last year , ransomware gangs were adding 200 – 300 new victims to their combined list .
• The market of ransomware operators was dominated by four-to-five players . By the end of Q3 the total number of compromised targets published for the main operators in 2022 were as follows :
• LockBit – 1157
• Hive – 192
• BlackCat – 177
• Black Basta – 89
• 576 publicly mentioned ransomware compromises in Q3 , a slight increase from Q2 .
• The number of ransomware incidents decreased slightly in Q3 , after a high during the summer months . From July to August , Acronis saw a 49 % increase in blocked ransomware attacks globally , followed by a decrease of 12.9 % in September and 4.1 % in October .
• There is a shift towards more data exfiltration as the main actors are continuing to professionalise their operations . Most of the large players have expanded to MacOS and Linux and are also looking at the cloud environment .
Phishing and malicious emails remain successful for threat actors :
• The most-attacked countries in terms of malware per user in Q3 of 2022 were South Korea , Jordan and China .
• An average of 7.7 % of endpoints tried to access some malicious URLs in Q3 2022 , slightly reduced from 8.3 % in Q2 .
• The country with the most clients experiencing malware detections in October 2022 was the US with 22.1 %, followed by Germany with 8.8 % and Brazil with 7.8 %, which are very similar to the Q2 numbers , except for the US and Germany which had a small increase , especially in financial trojans .
• Spam rates have increased by over 15 % – reaching 30.6 % of all inbound traffic .
• Email-borne attacks are targeting virtually all industries . By analysing the top 50 most attacked organisations , it seems that the most attacked industries are :
• Construction
• Retail
• Real estate
• Professional Services ( Services and computers & IT )
• Finance
• Between July and October 2022 , the proportion of phishing attacks has risen by 1.3x reaching 76 % of all email attacks ( up from 58 % in H1 2022 ). This rise is at the expense of the proportion of malware attacks .
Unpatched vulnerabilities prove fruitful into the second half of the year :
• Acronis continues to see and warn businesses and home-users that new zero-day vulnerabilities and old unpatched ones are the top vector of attack to compromise systems .
• While software vendors try to keep up and release patches regularly , quite often it is still not enough – a lot of attacks succeed due to unpatched vulnerabilities .
• Microsoft :
• Another phishing campaign targeting Microsoft did impersonate ‘ the Microsoft team ’ and tried to bait the recipients into adding their memo text onto an online memorial board ‘ in memory of Her Majesty Queen Elizabeth II ’ when she passed away in September .
• Another large-scale phishing campaign was spotted targeting credentials for Microsoft ’ s M365 email services . It is aimed at FinTech , lending , accounting , insurance and Federal Credit Union organisations in the US , UK , New Zealand and Australia . u www . intelligentciso . com
21