Last year saw a surge of criminal cyber activity, with as many as 304 million ransomware attacks recorded globally, a staggering 62% increase from 2019. It comes with a bitter understanding that a tenth of all analyzed attacks could have been easily prevented, according to Kaspersky’s incident response analyst report.
The shift to remote work caused by the pandemic presented a myriad of opportunities for threat actors, which they were sure to make use of. According to Kaspersky, the most targeted industries in 2020 were the industrial (22%) and government (19%) sectors. These results do not come as a surprise, as criminals are most interested in institutions capable of paying a ransom. Likely for this reason, the education sector was the least affected by cyberattacks in 2020 (2%).
Quite surprisingly, most incidents were reported in Russia and the CIS region (27.8%), followed by the European Union (24.7%) and the Middle East (22.7%). The least affected territories were Africa and the Asia-Pacific. According to the report by Kela, targeting a wealthy region is usually one of the main criteria for deciding on an attack, as those are more likely to host richer companies.
When it comes to the specifics of attacks, most threat actors got access to sensitive information using brutforce (31.58%), exploitation of public-facing applications (31.58%), and malicious e-mail (23.68%). Only 2.63% of all recorded attacks were carried out with the help of an insider. The most widespread type of cyberattacks, bruteforce, is a common attack tactic used by hackers where they go through thousands possible combinations to find matching encryption keys or passwords. This allows them to forcefully gain access to an organization. Kaspersky suggests that brutforce is simply detectable in theory, but practically, it’s hard to notice in time for a swift response.
Finally, the report suggests that in 44% of the cases, offensive tools were used to carry out an attack. The most common ones were Cobalt Strike, CScript, Impacket, Powershell, and PsExec.
Attackers almost universally used vulnerabilities that were a few years old, meaning that the majority of the attacks could have been prevented with appropriate security updates. The results highlight the importance of frequent security reviews in all organizations regardless of their size.
Keep your systems up to date
It might seem like cyber security concerns are inflated, but in reality, a new organization will suffer from a ransomware attack every 11 seconds in 2021. It’s already become a new reality, where all businesses regardless of their financial capabilities and size might experience data breaches and ransom demands. Investing in strong security measures is a cost-effective and productive way out of this situation.
According to Kaspersky’s report, using a strong password reduces the likelihood of a breach by 60%, while opting for an appropriate patch management policy could cut an additional 30%. Additionally, make sure all employees have two-factor authentication (2FA) enabled and are educated on phishing and malicious links.