Summary of Acronis Cyberthreats Report H2 2024

This report, published by Acronis in December 2024, provides a comprehensive overview of the global cyberthreat landscape during the second half of 2024. It covers key findings, trends, and predictions for the future. Here’s a detailed summary.

Introduction and Summary

    • This biannual report covers the global threat landscape as observed by Acronis’ Threat Research Unit (TRU).
    • It’s based on data collected from over 1,000,000 endpoints worldwide, with a focus on Windows operating systems.
    • Key findings:
        • The United Arab Emirates, Singapore, and Italy were the most targeted countries for malware attacks in December 2024.
        • Acronis blocked over 48 million malicious URLs in Q4 2024, a 7% increase compared to Q3.
        • 31.4% of received emails were spam, and 1.4% contained malware or phishing links.

1. Key Cyberthreats and Trends

    • Ransomware:
        • A 5% increase in ransomware attacks targeting critical industries like transportation, healthcare, and manufacturing.
        • Attackers are using personalized tactics and AI-driven strategies to exploit vulnerabilities.
        • MSPs are becoming a prime target, with attackers exploiting their remote management tools (RMMs).
    • Phishing and Malicious Emails:
        • The number of email-based attacks detected in the second half of 2024 increased 197% compared to the same period in 2023.
        • Phishing attacks are becoming more sophisticated, leveraging social engineering techniques and exploiting trusted platforms.
    • Data Breaches:
        • Data breaches continue to dominate, with financial services, healthcare, retail, utilities, and technology sectors being significantly impacted.
        • Third-party service providers are often the weak links in cybersecurity defenses, leading to major breaches.
    • AI-Generated Cyberthreats:
        • AI tools are being increasingly used to launch cyberattacks, creating malicious content and automating attacks.
        • This includes AI-powered malware development, spear-phishing campaigns, and AI-driven software supply chain attacks.
        • North Korea’s cyber operations have become more sophisticated through the integration of AI, using deepfakes and fake LinkedIn profiles.

2. General Malware Threats

    • Trojans are the most common malware type, accounting for 79% of blocked threats.
    • The number of new malware samples is increasing, showcasing the growing sophistication and versatility of attack methods.
    • The United Arab Emirates, Singapore, and Italy had the highest normalized malware detection rates in December 2024.

3. Vulnerabilities Discovered in Products of Key Software Vendors

    • The second half of 2024 saw a significant increase in software vulnerabilities.
    • Cross-site scripting (CWE-79) remains the most dangerous software weakness.
    • The report highlights notable vulnerabilities discovered in products from Microsoft, Adobe, and Google Chrome, emphasizing the need for timely updates and robust security measures.

4. Predictions for 2025

    • Ransomware:
        • Ransomware will continue to dominate, with attackers targeting cloud backups and using AI to automate attacks.
        • Double extortion will become more prevalent.
    • Key Investment Areas:
        • Organizations will prioritize investments in XDR and EDR to protect against advanced cyberthreats.
        • Cloud security will be a key focus, addressing misconfigurations and adopting cloud-native security solutions.
        • Zero trust architecture (ZTA) and Identity and Access Management (IAM) will be crucial for securing access.
    • AI’s Role:
        • AI will be used by cybercriminals to automate attacks, create deepfakes, and exploit vulnerabilities in AI systems.
        • AI will also enhance threat detection and automated incident response for defenders.
    • Nation-State Sponsored Attacks:
        • These attacks are expected to increase, with conflicts in regions like Eastern Europe, the Middle East, and the Indo-Pacific likely to see cyber tools used for destabilization.
        • MSPs will become prime vectors for attacks targeting broader geopolitical objectives.
    • Challenges Faced by MSPs:
        • Securing complex IT environments, including hybrid cloud models and IoT devices, will be a challenge.
        • Protecting against supply chain attacks and complying with data protection regulations will be crucial.
        • The cybersecurity talent shortage will continue to be an issue.
    • Emerging Trends:
        • Quantum computing will pose a new challenge to encryption methods, requiring exploration of quantum-resistant cryptography.
        • AI-powered malware will become more sophisticated, evading detection and adapting to changing defenses.
        • The rise of ARM-specific malware is a growing concern.

Acronis Recommendations to Stay Safe

    • Keep passwords and working spaces private.
    • Patch your OS and apps regularly.
    • Be vigilant against phishing attempts and don’t click suspicious links.
    • Ensure your cybersecurity solution is properly configured.
    • Control the risks related to AI usage.
    • Implement an integrated cyber protection solution that combines XDR, EDR, anti-malware, DLP, email security, vulnerability assessments, patch management, RMM, and backup capabilities in a single agent.

We have also sent several questions directed to Kelly Johnson, General Manager, Acronis ANZ Region. Subsequent responses will be published accordingly.
