Cyberattacks against organizations have increased by 13%
According to Orange Cyberdefense, Europe’s largest managed security services provider, there has been a 13% increase in cyberattacks on enterprises over the last year, with a rise in ransomware incidents and, for the first time, a noticeable wave of attacks against mobile devices.
The Security Navigator 2022 provides a detailed analysis of more than 50 billion security events analyzed daily by Orange Cyberdefense’s 18 Security Operation Centers (SOCs) and 14 CyberSOCs around the world over the past year (October 2020 to October 2021).
Monitoring revealed that of the 94,806 incidents flagged as potential threats, 34,156 (36 percent) were legitimate security incidents, a 13 percent increase over the previous year. More than a third (38%) of all confirmed security incidents were classified as malware, including ransomware – an 18% increase from 2020.
According to the report, nearly two-thirds (64 percent) of the security alerts handled by Orange Cyberdefense analysts were ‘noise’ and did not represent a genuine threat – a 5% increase from the previous year.
According to the findings, many organizations, particularly small and medium-sized businesses, will need more resources to filter through this massive amount of data for potential threats. The risk is that as the level and volume of activity increase, these businesses will become increasingly vulnerable to attack.
According to the Security Navigator, mobile operating systems such as iOS and Android are becoming an increasingly popular target for exploits in the business context. Many of the activities appear to be linked to commercial firms hired by law enforcement and intelligence agencies.
However, the vulnerabilities and exploits developed will most likely not stay in that realm. As in the past, they will likely find their way into the criminal ecosystem as well (recall the WannaCry attack of 2017).
According to Orange Cyberdefense, mobile device attacks are likely to continue on their upward trend. This is a development that security professionals must keep an eye on. Mobile platforms play an important role in modern access protection concepts, such as multi-factor authentication (MFA), which is commonly used in corporate environments to protect cloud access, for example.
Another key finding of the new Security Navigator is that malware, including ransomware, was the most common type of threat reported throughout the analysis period, accounting for 38% of all confirmed security incidents – an increase of 18% from 2020. The following are some of the most important malware trends:
- A decrease in confirmed downloader activity (malware that downloads and runs other malware on infected systems) in November and December 2020, following the takedown of the Trickbot botnet by law enforcement, and in January and February 2021, following the takedown of Emotet.
- An inverse relationship exists between the rigor of Covid-19 lockdowns and the volume of downloader and ransomware activity: the tighter the lockdowns, the less of this activity, contradicting the widely held belief that attacks increase when users work from home.
- The number of confirmed malware incidents in large organizations is more than double (43 percent) that of medium-sized businesses.
“Attacks like Solorigate show that even trusted software from reliable vendors can turn into a trojan horse for cunning attackers,” said Hugues Foulon, CEO of Orange Cyberdefense. “This problem cannot be solved solely through technological means. According to our data, the number of incidents has increased by 13% in just one year, and the number of incidents continues to rise year after year.
“Although a large portion of the tech-driven security alerts that our analysts deal with are simply noise, this places a significant strain on already overburdened IT and security teams.
“Indeed, not all businesses have the means or resources to hire managed security service providers to help them sort through the ‘noise’ and find actionable security ‘signals.’ As a result, we believe that security technologies can and must improve.”