Key takeaways:
Phishing attacks are key tactic attackers are using to infiltrate computer systems. The most commonly reported type of phishing attack was targeted phishing, which impacted 66% of organizations in 2020.
Organizations are becoming more adept at stopping ransomware attacks before attackers succeed in encrypting the organization’s data. However, in 2021, there was a 23% increase, compared to 2020, in the number of organizations that paid the ransom to retrieve their data.
Attackers are creating more and more new types of Linux malware. 56 new Linux malware families were created in 2020, and much of this new malware includes crypto miners and ransomware.
With incidents such as the Kaseya and Colonial Pipeline ransomware attacks and COVID-19-related phishing scams, 2021 proved to be a tumultuous year in the cybersecurity world. Many of the most impactful attacks involved phishing, ransomware, and other types of malware. We’ll dive into each of these three cyberattack tactics, highlight some key trends we’ve seen from them over the past few years, and make predictions on what we’ll see in these areas in 2024.
Phishing
In 2022, we can expect phishing, the use of deception and social tactics to obtain private data or deploy malware, to remain a key strategy for attackers to gain entry into computer systems. Over half of the organizations surveyed for Proofpoint’s“2021 State of the Phish” report acknowledged having experienced targeted phishing attacks, SMS or text-based phishing attacks, or phone call or voicemail phishing attacks.
Out of these three types of attacks, organizations were most likely to have been impacted by targeted phishing attacks, which involve a high degree of personalization. In targeted phishing, attackers collect information about the user they are targeting so that they can pretend to be a friend or other trusted person of this user. Since this type of phishing is among the most effective, it’s a good idea to be on the lookout for these types of attacks to avoid falling victim to one of them.
We should also continue to look out for other types of phishing attacks, such as SMS and voice phishing attacks, which are generally less personalized but can reach a wider range of people. For example, attackers can quickly send out large volumes of phishing emails, which gives them the ability to reach large numbers of potential victims.
Ransomware
In 2021, ransomware attacks caused large-scale disruptions and major financial losses for large organizations. Attackers often use ransomware as a means of disabling organizations’ access to their computer systems or files, demanding large payments in exchange for restoring organizations’ access to their essential devices and data. Ransomware attacks have been known to target organizations, such as major supply chain vendors and hospitals that have access to highly important data and offer services with widespread impacts, and therefore have high inclinations to pay ransoms so that they can restore their services. In 2022, we can expect organizations to continue to be inclined to pay ransoms. According to Sophos’ “The State of Ransomware 2021” report, 32% of organizations targeted by ransomware attacks chose to pay ransom to restore their data, which is an increase from 26% in 2021. However, an average of just 65% of organizations’ data was restored after they paid the ransoms. Backing up files so that they can be retrieved in the event of ransomware attacks continues to be a reliable strategy since backups were used to restore access to files after over half of ransomware attacks in 2020 and 2021.
Although ransomware attacks continue to pose a major threat, we can expect companies to continue to build increasingly strong defenses against these attacks. In 2021, 39% of organizations succeeded in averting ransomware attacks before attackers could encrypt data, which is a significant increase from 24% in 2020. Although a smaller percentage of ransomware attacks resulted in the successful encryption of data, a higher percentage of organizations were held to a ransom in 2021 compared to 2020 even when their data wasn’t encrypted. This trend shows that attackers are deploying additional strategies to extort ransoms from the organizations they target when they don’t succeed in encrypting data, such as threatening to publish the data if the organization doesn’t pay the ransom.
Other Forms of Malware
Malware continues to be a key way for attackers to compromise systems, access private data, and utilize computing resources in an unauthorized manner. Data from IBM’s “X–Force Threat Intelligence Index 2021” report shows that attackers are creating new types of malware at an increasing rate. 56 new Linux malware families were created in 2020, which is a significant increase from 40 in 2019. It’s likely that we’ll continue to witness the deployment of several new malware families in 2024.
Much of this new malware includes cryptominers, which leverage computing power to mine cryptocurrency, and ransomware, both of which are profitable for attackers. In order to protect computers against these new malware strains, it’s important for users to regularly update anti-malware and other cybersecurity solutions so that they are able to defend against newly discovered types of malware.
