Acronis, a global provider of cybersecurity and data protection, has released the biannual Acronis Cyberthreats Report for 2H24.
Authored by the Acronis Threat Research Unit (TRU), the Acronis Cyberthreats Report, H2 2024: The rise of AI-driven threats has revealed a 197% rise in email cyberattacks in 2H24 compared to the same period in 2023, a 21% rise in attacks per organisation. From July to December 2024, nearly 50% of users were targeted by email-based attacks at least once.
Email attacks on managed service providers (MSPs) also increased. Phishing was the preferred attack vector for attackers, with 33% of MSPs experiencing email phishing campaigns. This was closely followed by exploits targeting vulnerabilities in the Remote Desktop Protocol (RDP) and other remote access tools. This demonstrates how cybercriminals are taking advantage of common MSP practices to gain unauthorised access and deploy malicious payloads, Acronis said.
The report also highlighted an emerging trend: MSPs are increasingly targeted by advanced persistent threat (APT)-linked ransomware groups, posing a significant and growing risk. These sophisticated actors employ espionage-style tactics, including stolen credentials, social engineering, and supply chain attacks, to infiltrate MSP networks and spread ransomware to client systems. This shift signals that MSPs are no longer opportunistic targets, but have become strategic entry points for high-stakes cyberattacks, Acronis pointed out.
Other key findings include:
 |
| Source: Acronis Cyberthreats Report, H2 2024. Number of ransomware victims by quarter. Q424 saw the highest number of successful ransomware attacks yet. |
Acronis blocked over 48 million malicious URLs at endpoints in Q424—a 7% increase from Q324.
Nearly a third (31.4%) of all emails received in 2H24 were spam, with 1.4% containing malware or phishing links.
Some 1,712 ransomware cases were reported in Q424, with notable activity from RansomHub, Akira, Play, and KillSec, accounting for 580 victims. The Cl0p ransomware group emerged as a key threat in December, with 68 reported victims.
Regional insights:
The UAE, Singapore, and Italy were the most targeted countries for malware attacks in December 2024.
The UAE reported the highest percentage of blocked malicious URLs in December (16.2%), followed by Brazil (13.2%) and Singapore (12.0%).
“The cyberthreats report from the Acronis Threat Research Unit serves as our biannual pulse on the cybersecurity landscape, offering critical insights into the latest attack trends and vulnerabilities,” said Gerald Beuchelt, CISO at Acronis.
“This release highlights the alarming rise of AI-generated attacks and the increasing sophistication of ransomware campaigns. By analysing trends from the first half of 2024 and providing actionable recommendations, the report empowers organisations, MSPs, and the cybersecurity industry to proactively strengthen their defences to stay ahead of today’s most pressing risks.”
The report also highlighted a trend involving remote monitoring and management (RMM) tools. As these have become more widely adopted for efficiency, they have introduced significant risks to organisational security. Telemetry data from the report has revealed that many organisations use multiple RMM tools simultaneously, creating blind spots that attackers can exploit. Without the proper controls, RMM tools can become entry points for ransomware attacks, which cybercriminals often use to cause even greater damage.
Explore
Download the Acronis H2 2024 Cyberthreats Report at https://www.acronis.com/en-us/resource-center/resource/acronis-cyberthreats-report-h2-2024
No comments:
Post a Comment