fbpx
Techitup Middle East
B2B TechnologyCybersecurity

Acronis: Email Attacks Surge 293% Globally

Acronis, today shared new research findings from the first half of 2024 in its report “Acronis Cyberthreats Report H1 2024: Email attacks surge 293%, new ransomware groups emerge,”. The report leverages over one million unique Windows endpoints from 15 key countries around the world to bring awareness to global trends in the cybersecurity industry. Most notably, the report found that email attacks have seen a 293% surge when compared to the same period in 2023.  

REGIONAL IMPACT 

The UAE witnessed a notable increase in malware detections with an 11.7% increase from January to May 2024. While the region is facing considerable cybersecurity challenges, these are part of a broader trend affecting many EMEA countries, particularly in terms of rising malware detections and high-profile ransomware attacks. Compared to other EMEA countries, the situation in MENA mirrors broader regional challenges. Bahrain had the highest malware detection rate at 63.2% in April 2024, followed by Egypt with 42.6% of organizations experiencing detections in the same month. 

EMERGING TRENDS 

Ransomware continues to be a major threat to small and medium-sized businesses (SMBs), particularly in critical industries such as government and healthcare. In Q1 2024, Acronis observed 10 new ransomware groups who together claimed 84 cyberattacks globally. Among the top 10 most active ransomware families detected during this time, three highly active groups stand out as the primary contributors, collectively responsible for 35% of the attacks: LockBit, Black Basta, and PLAY. The number of ransomware detections were also on the rise, increasing 32% from Q4 2023 to Q1 2024. 

In support of Acronis’ mission to tailor business initiatives to Managed Service Providers (MSPs), the report is observant of how MSPs are being targeted and compromised. Of note, attack vectors including phishing and social engineering, vulnerability exploits, credential compromises, and supply chain attacks were highlighted as the most successful techniques used to breach MSPs’ cybersecurity defenses. 

Additionally, the report focuses on emerging cybersecurity trends, highlighting the increasing use of generative artificial intelligence (AI) and large language models (LLMs) by threat groups. Specifically, it underscores the growing prevalence of AI being leveraged in social engineering and automation attacks. The most common AI-generated attacks that were detected include malicious emails, deepfake business email compromise (BEC), deepfake extortions, KYC bypass, and script and malware generation. Furthermore, Acronis researchers have identified two types of AI threats. The first involves AI-generated threats, in which malware is created using AI techniques but does not utilize AI in its operations. The second is AI-enabled malware, which incorporates AI into its functionality.  

Other key findings from the report include: 

Middle East Threat Landscape & Trends: 

  • UAE’s monthly percentages of global detections remained relatively lower compared to high-risk countries like Germany, France, and Egypt, highlighting a growing but still manageable cyber threat landscape. 
  • The UAE had varying monthly percentages of global detections ranging from 0.8% to 1.9% throughout the first half of 2024. In comparison, Germany’s percentages ranged from 6.4% to 9.9%, France’s ranged from 3.6% to 5.5%, and the United Kingdom’s ranged from 4.3% to 6.1%. 
  • The UAE experienced a significant rise in the percentage of clients with malware detections. 17.6% of clients with malware detections in January 2024, 18.8% in February, 29.1% in March, 29.3% in April and May. The sharp increase in malware detections among UAE clients, reflects a concerning trend of escalating cyber threats, emphasizing the urgent need for enhanced cybersecurity measures. 
  • Other EMEA countries like Bahrain and Egypt also showed high malware detection rates, indicating a broader regional challenge 
  • The ransomware attack on Seven Seas Technologies in the UAE highlights the region’s vulnerability to such threats, similar to high-profile cases in other EMEA countries 
  • The emergence of various ransomware groups targeting different sectors across the EMEA region indicates a widespread and diversified threat landscape 

Global Threat Landscape

  • Bahrain, Egypt, and South Korea were the top countries targeted by malware attacks in Q1 2024. 
  • 28 million URLs were blocked at the endpoint in Q1 2024. 
  • 27.6 % of all received emails were spam and 1.5% contained malware or phishing links.  
  • The average lifespan of a malware sample in the wild is 2.3 days. 
  • 1,048 cases of ransomware were publicly reported in Q1 2024, a 23% increase over Q1 2023. 

Cybersecurity Trends in H1 2024

  • Ransomware continues to be a major threat to SMBs, and ransomware groups have abused vulnerable drivers to get a foothold in systems and disable security tools.  
  • In the first quarter of 2024, PowerShell was the most frequently detected MITRE technique.  
  • The number of email attacks detected in H1 2024 surged by 293% compared to the first half of 2023.  

Ransomware Trends: 

  • In Q1 2024, Acronis researchers observed 10 new ransomware groups that together claimed 84 cyberattacks globally. 
  • The number of ransomware detections increased 32% from Q4 2023 to Q1 2024.  

Attacks on MSPs: 

  • MSPs were under consistent attack from January to May 2024, with data revealing email phishing campaigns were the most used by attackers.  
  • The top five most frequently discovered MITRE ATT&CK techniques in the first half of the year included PowerShell, Windows Management Instrumentation, Process Injection, Data Manipulation and Account Discovery.  

Phishing and email attacks: 

  • Organizations experienced a surge in email communications, with the number of emails per organization increasing by 25%. 
  • The rise in email volume coincided with a 47% increase in email attacks targeting organizations. 
  • 26% of users encountered phishing attempts through malicious URLs. 
  • Social engineering increased 5% since H1 2023; however, malware attacks decreased from 11% in H1 2023 to 4% in H1 2024. 

Leveraging AI: 

  • Cybercriminals continue to leverage malicious AI tools like WormGPT and FraudGPT. 
  • While AI can assist attackers at every stage of the cyberattack kill chain, it can also be used as a defense mechanism as it allows for around the clock detection of attacks and reports them to experts to take appropriate response actions to ensure smooth business continuity. 

Related posts

Opinion: IT Teams Need The Right Tools to Drive Cloud Performance Using OpenTelemetry

Editor

Kaspersky Announces the Launch of Appicenter

Editor

Protect Yourself from Summer Vacation Scams

Editor

Leave a Comment