Report: a global 125% increase in cyberattacks

Cyber attacks have tripled since last year

Cybercrime continues to rise

A report^[1] published in Accenture's Cyber Investigations, Forensics & Response mid-year update brings a worrying message – cybercrime activity has jumped 125% globally in the first half of 2021. This was the result of web shell activity which is an interface that enables a web server to be remotely accessed. Using network monitoring tools, an attacker can find vulnerabilities that allow the delivery of a web shell. Using it, they can download, delete, upload, and send files to and from the webserver.

The most affected by cybercriminals is the consumer goods and services industry by taking up 21%. The industrial and banking industries were in second and third place with 16% and 10% respectively. Geographically The United States accounted for 36% of incidents, followed by the U.K. with 24% and Australia with 11%. Robert Boyce, leader of Accenture's global cyber investigations, forensics, and response business, said:

Many organizations today are only securing their core corporate systems and not fully protecting their supply chain, subsidiaries and affiliates. That's why it's critical for companies to have a holistic plan to cover their entire ecosystems

By not protecting their entire systems that store data, companies are vulnerable to cyber-attacks. Organizations with annual revenue of $1 to almost $10 billion were victims 54% of the time by ransomware and extortion. The aerospace and defense industry was the least affected at 1%, which shows the importance of security measures. Businesses need to evaluate their current digital security strategies and determine how to respond to rising threats.

At present, cybersecurity involves a network, endpoint, application, content, cloud, and wireless security solutions. These solutions can work well individually, but combining them together would create a strong defense wall against next-level threats.

Most popular malware used by hackers

The largest malware category observed by volume was ransomware at 38%. This method works by encrypting the organization's files, making them unavailable, and demanding payment to decrypt them. Most often, paying the ransom is the easiest and cheapest way to regain access to their files back. The most affected was the insurance industry at 23%.

The second category is Backdoor at 33%. Generally classified as a trojan, it is a computer program pretending to be something different than it actually is. If infected, hackers can steal data. What makes it complicated is the use of a rootkit^[2]. With the help of a rootkit, the malware can avoid detection and conceal internet activity with continued access to infected systems.

Credential stealers were responsible for 6% of attacks recorded, and their main objective is to gather as much confidential and sensitive information as possible. They do this by impersonating a widely known establishment or person in email, personal messages, or other communication channels. Attackers then use the affected organizations' credentials to execute attacks on secondary targets.

At 6%, droppers' and launchers' attacks are carried out in two stages. The first step is to create a trojan that could install a virus, backdoor, or other types of malware to a target system. The malware code can not be detected by virus scanners or other security programs. The second stage is to activate the dropper to actually download the malware.

Attacks made by other types of malware take up 17%.

Ransomware is likely to remain one of the biggest threats to businesses

As cybercriminals pursue more powerful pressure strategies, ransomware and extortion operations are expected to remain one of the top threats to companies globally. In the face of the cybersecurity executive order, which will seek for more transparent relationships between government and businesses hackers are expected to continue to take advantage of product and supply chain weaknesses. Companies should beware of the increase in web shell activity in the second half of the year. According to co-founder, and CEO of Deep Instinct Guy Caspi:

The problem is not limited to the sheer volume of attacks, our study shows that the sophistication of attacks has grown with advanced evasive tactics that make detection much more difficult.

The cybercrime economy has grown just as the digital economy exploded at the beginning of the pandemic. The global cost of cybercrime is said to exceed $1 trillion while only 31% of business owners said their cyber and privacy investments will rise by double digits^[3]. By not tackling this threat companies risk experiencing leaks and breaches of personal data that could reduce customer trust.