Nearly half of breaches during the first six months of 2022 involved stolen credentials, Switzerland-based cybersecurity company Acronis reported in its Mid-Year Cyberthreat Report, published on August 24, 2022.
It will come as no surprise to learn that the cybercriminals’ prime goal in using these credentials is to launch ransomware attacks, which “continue to be the number one threat to large and medium-sized businesses, including government organizations,” the report added.
To extract these credentials, the attackers mainly use phishing techniques, with 600 malicious email campaigns that made their way across the internet in the first half of 2022, of which 58% of the emails were phishing attempts and 28% featured malware, found Acronis.
The firm also states that, “as reliance on the cloud increases, attackers have homed in on different entryways to cloud-based networks.” Cybercriminals now also target unpatched or software vulnerabilities to extract data, with a recent increased on Linux operating systems and managed service providers (MSPs) and their network of SMB customers.
The third vector spotted by Acronis Cyber Protection Operation Centers is what it calls “non-traditional entry avenues” such as cryptocurrencies and decentralized finance (DeFi) systems.
“Ransomware is worsening, even more so than we predicted,” warns the Swiss firm, mentioning Conti and Lapsus gangs as the prime targets for international security services and expecting global ransomware damages to exceed $30bn by 2023.
“Increasing complexity in IT continues to lead to breaches and compromises highlighting the need for more holistic approaches to cyber-protection. […] The current cybersecurity threat landscape requires a multi-layered solution that combines anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities all in one place,” the report stated.