Findings from Acronis' "Acronis Cyberthreats Report, H2 2023: Alarming rise in cyberattacks, SMBs and MSPs in the crosshairs" reveal that email attacks surged by 222% in 2023. The report, based on data from over 1,000,000 unique endpoints across 15 countries, found that more than 90% of organisations fell victim to AI-enhanced phishing.
Ransomware continues to cause significant losses, both financially and in data, for global companies. Despite a decrease in the number of ransomware groups and variants, renowned families of the attack vector are still causing harm. The report attributes this to the absence of effective security solutions capable of detecting the exploitation of zero-day vulnerabilities and delays in patching vulnerable software which allow threat actors to gain domain administrative rights, disable security tools, and steal sensitive information.
Commenting on the recent trends, Candid West, Acronis VP of Product Management, said, "There's a disturbing trend being recognised globally where bad actors continue to leverage ChatGPT and similar generative AI systems to increase cyber attack efficiency, create malicious code, and automate attacks." West emphasised the need for organisations to prioritise comprehensive cyber protection solutions to ensure business continuity.
The report highlights an increase in advanced tactics such as supply chain attacks, AI-driven attacks, and state-sponsored incursions. Managed service providers (MSPs) should also prepare for threats unique to their workings, including 'island hopping', where attackers use an MSP’s infrastructure to attack clients, and 'credential stuffing', which takes advantage of an MSP’s broad system access.
Key findings from the report indicate a prominence of ransomware threats affecting critical sectors such as government and healthcare. Data stealers were noted as the second most prevalent threat. The use of generative AI systems, including ChatGPT, for launching cyber attacks and creating malicious content is also increasing. Known ransomware gangs in 2023 included LockBit, Cl0P, BlackCat / ALPHV, Play, and 8Base.
The report also highlighted an increase in attacks on MSPs, with a recent high-profile breach affecting numerous US government agencies. Microsoft cloud email account vulnerabilities resulted in the compromise of 60,000 emails from 10 US State Department accounts.
Email-based attacks saw a dramatic rise in 2023, up by 222%. Organisations experienced a 54% increase in the number of attacks per organisation, and a staggering 91.1% of organisations fell victim to AI-enhanced phishing attacks.
A concerning trend outlined in the report is the growing abuse of AI tools by cyber criminals. Tools such as WormGPT, FraudGPT, DarkBERT, DarkBART, and ChaosGPT are being leveraged to attack corporations, and the public release of ChatGPT has seen a rise in the use of generative AI for cyber attacks.
Michael Suby, Research VP, IDC, reviewing the findings stated, "Unfortunately, bad actors continue to profit from these activities and are leveraging AI-enhanced techniques to create more convincing phishing schemes, guaranteeing that this problem will continue to plague businesses." The report, which provides a security forecast for 2024, is released biannually by the Acronis Cyber Protection Operation Center.