Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Ransomware remains largest cyber threat to SMBs as phishing activity spikes

OpenText Security Solutions announced the release of its 2022 BrightCloud Threat Report, outlining the biggest trends that impacted small and large businesses in 2021, with key findings revealing that during the month of May 2021, there was a 770 per cent overall phishing activity spike.

user iconReporter
Tue, 29 Mar 2022
Ransomware remains largest cyber threat to SMBs as phishing activity spikes
expand image

With security risks escalating and a persistent state of threats, compromises are inevitable, the data reiterates the need for organisations to deploy strong multi-layered security defences for protection against even the most creative cyber criminals.

Remote and hybrid work environments, along with rapidly shifting world affairs, continues to alter how we interact and presents new security challenges that opens lucrative avenues for bad actors.

Last year, phishing attacks escalated across email, text, and other communications platforms and new high-risk malicious URLs were found hiding behind proxy avoidance and “anonymisers”. Alternatively, while browser-based cryptojacking may have practically disappeared, cryptomining malware shifted into mainstream as cyber criminals continue looking for ways to compromise data and personal information.

Businesses’ ability to prepare for and recover from threats will increase as they integrate cyber resilience into their technologies, processes, and people, according to Mark J. Barrenechea, OpenText CEO and CTO.

“With security risks escalating worldwide and a persistent state of ‘unprecedented’ threats, compromises are inevitable.

"This years findings reiterate the need for organisations to deploy strong multi-layered security defences to help them remain at the heart of cyber resilience and circumvent even the most creative cyber criminals, Barrenechea said.

Key report highlights included the following categories:

Phishing and impersonated companies

  • There was 770 per cent overall phishing activity spike during the month of May 2021.
  • January-April 2021 saw a mere 9 per cent of phishing activity.
  • Fifty-four per cent of all detected phishing URLs in 2021 were from top-targeted brands: Apple, Facebook, YouTube, Microsoft, and Google.
  • eBay fell from being number one impersonated brand in 2020, dropping out of the top 10 completely in 2021 as pandemic-related shortages eased.

Malware

  • Consistently YOY, 86.3 per cent of malware is unique to a single PC.
  • Eighty-three per cent of Windows malware hides in one of four locations, noting that %appdata% saw a 46 per cent decrease from the prior year, and %desktop% saw a 40 per cent increase from the prior year.
  • The number of malware files reaching Webroot-protected Windows endpoints dropped 58 per cent between 2020 and 2021.

Manufacturing registered 54 per cent above average in 2021

  • Public administration saw a 41 per cent rise above average in 2021.
  • Finance and Insurance were 22 per cent below average in 2021.
  • Manufacturing was the industry most likely to be infected in 2021 based on a willingness to pay ransoms to prevent supply chain disruptions.

The 2021 Colonial Pipeline incident was reminiscent of the damage and chaos from the 2017 NotPetya ransomware by Russian nation state attackers on the Ukrainian supply chain. OpenText analysts expect to see more attacks targeting manufacturers and supply chains in 2022.

Infection rates by region

  • Japan, United Kingdom, North America and Australia saw infection rates drop by 51 per cent since the year prior.
  • United States held the largest number of malicious IP addresses and convictions (24.3 per cent).
  • Netherlands had the highest number of convictions per bad IP address (average 526), meaning that each malicious IP address in the Netherlands performed more malicious activity on average than the average malicious IP address in other countries.

Cyber resiliency is a top proactive priority for organisations worldwide, Craig Robinson, IDC program director, security services, further explained.

Better understanding the known threats will play a key role in building and maintaining a strong layered security approach, Robinson concluded.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.