Average cost of data breaches expected to surpass US$5 million per incident in 2023
Phishing attacks and malicious emails are the most effective methods used in data breaches, according to Acronis.
Businesses can expect to lose US$5 million if they were to be hit by a data breach next year, according to a report by cyber protection provider Acronis.
Ransomware continues to be the number one threat, with ransomware gangs adding up to 300 new victims to their combined list every month in the second half of 2022.
By the end of Q3, the total number of compromised targets published for the main operators in 2022 were as follows:
LockBit - 1157
Hive - 192
BlackCat - 177
Black Basta - 89
As the main threat actors continue to professionalise their operations, Acronis notes a shift towards more data exfiltration, with most of the large players expanding their targets to macOS and Linux systems, and consideration of cloud environments.
The report also found that phishing attacks and malicious emails are the most effective methods used in data breaches.
Social engineering attacks jump in the last four months of 2022, accounting for 3% of all attacks. Leaked or stolen credentials – which allow attackers to easily execute cyberattacks and ransomware campaigns – were the cause of almost half of all reported breaches in the first half of 2022.
Besides that, Acronis continues to observe and warn both businesses and home users that new zero-day vulnerabilities and old unpatched ones are the top vector of attack to compromise systems. For instance, a phishing campaign targeted Microsoft users in September by using the news coverage of the passing of Queen Elizabeth II and impersonating "the Microsoft team" to bait recipients into adding memo text onto an online memorial board in September.
“The last few months have proven to be as complex as ever – with new threats constantly emerging and malicious actors continuing to use the same proven playbook for big payouts. Organisations must prioritise all-encompassing solutions when looking to mitigate phishing and other hacking attempts in the new year. Attackers are constantly evolving their methods, now using common security tools against us – like multi-factor authentication that many companies rely on to protect their employees and businesses,” says Candid Wüest, Acronis VP of cyber protection research.
See Also:
Click here to stay updated with the Latest Business & Investment News in Singapore
Recent phishing attacks shatter confidence in cybersecurity controls
Leveraging technology to navigate the upcoming economic uncertainty
Get in-depth insights from our expert contributors, and dive into financial and economic trends