Report

2022 BrightCloud® Threat Report: The year of innovation for cybercrime

2022 BrightCloud® Threat Report: The year of innovation for cybercrime

Show first post

114 replies

Userlevel 2

It was Interesting to read that the smaller companies are starting to be hit more.

Userlevel 7
Badge +4

I bet those that were infected 5 times were absolutely sure that they didn’t need to worry about security too!

Userlevel 5
Badge

“Apple was most often impersonated company in phishing attacks.”

I’m honestly not surprised there, the amount of phishing emails I get from ‘Apple’ never ceases to amaze me :D


 

Userlevel 4

Wow 53% of consumers were infected more than once and 19% were infected  5 times

Userlevel 6
Badge +4

SMB are the main target of attacks. As they normally do not have the massive budgets to protect against all the bad actors, neither do they really see the reason for things such as SAT (Security Awareness Training) As such, more and more people fall victim especially in the URL side of business. Africa being on the list is no surprise to me at all, as so may of people here simply click before they think of what the link can contain. As such, this report for me is almost a true reflection of what we see and deal with on a daily base across a large number o four customers. Fortunately, we have the larger majority of the customers we look after on Webroot. Security on all areas needs to form part of the protection plans for our customers, and we need to evolve and learn to think and get trained in the new generation of Star Wars in the cyber world where we live in, especially with the 4th industrial revolution we are living in, where everything is now becoming more and more digital and online, we need to be extra careful and more on the alert against bad actors and the schemes they adopt to. 

Userlevel 5
Badge +19

always hover!

Userlevel 3

I feel kind of glad that Apple is the most impersonated, it might help some of the blind faith people seem to have in Apple always being perfect, but it’s a shame people have to be fleeced first before they’ll learn.

Userlevel 4

Not saying I’m cynical or anything, but nothing in this report really surprised me. Except Japan. Be nice to know what they are doing differently.

Userlevel 7
Badge +5

Very concerning to see almost half of ransomware attacks were at companies with <100 employees.

Userlevel 1
Badge +1

Interesting stat:

The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims.

 

Most of the time they just don’t have the manpower, funds or willingness to strengthen their cyber posture.

Userlevel 3
Badge

The fact that less 44% of victims are small business but ransom payments are up double from previous year means small medium businesses are proving an increasingly reliable soft target for attackers. This is particularly salient for those of us who support this sector indicating we need to continue upping our efforts to improve security and awareness and get small businesses to put protection and backup higher on their agenda!

Userlevel 3

Incredible how many people get hit more than once. Just goes to show that how we bad you think the issues are, the reality day to day is far worse. 

Userlevel 7
Badge +4

“53% of consumer PCs were infected more than once”

 

What fresh hell is this?! I find it alarming from reading this the sheer volume of people that this happens to. You would think by now that people would be more vigilant, this is genuinely frightening. 

Userlevel 5

I’m really surprised at all the details in this. I definitely would expect larger companies to be targeted more often. In hindsight it makes sense because the smaller ones likely don’t have the resources or training to deal with threats. I also can’t believe how high the average payout is, over 300k is so much!

Userlevel 7
Badge +8

The UK only had 2.1% of dodgy URL’s with and out front leader being the US on 64.8%

Userlevel 7
Badge +4

Good read, well written. Taking some pointers to go back to my boss for our next security review meeting.

Userlevel 7
Badge +4

Educate your users. Not to be overlooked!

Well said and yet still so many companies are quick to blame their IT team

Userlevel 3

Can't get over pcs being infected more than 5 times! Do people not learn?!

"53% of consumer PCs were infected more than once, and 19% infected more than 5 times"

 

Userlevel 3

I think it is just amazing how some machines were infected more than 5 times. 5!!

 

People should get more in the way of cyber training. We’re taught as kids never to talk to strangers, but download all sorts of junk on our PCs containing sensitive data when we grow up...

Userlevel 2

 53% of consumer PCs were infected more than once, and 19% infected more than 5 times

The 19% of people falling for it 5 or more time are the people who need to be signed up to Webroot training ASAP😶 It beggars belief how they don’t realise after 2, 3, 4 times….

 

Apple was most often impersonated company in phishing attacks.

This does not surprise me at all, people (nee. Apple users) seem to have a built-in trust, probably because of Apple positioning themselves as the good guy vs Facebook in the privacy war. So attacks using Apple are surely more likely to be successful as the users see the company name and don’t think twice before clicking (unfortunately) 

Userlevel 3

Education is so key as having the awareness will never go out of date whereas the technical aspects of prevention need constantly reviewing and updating.

Userlevel 5
Badge +1

I am looking forward to the webinar.

Userlevel 7
Badge +22

“This year, 86.3% of malware was unique to one PC.”  I am not sure I understood this statement. What exactly does this mean? That just one person had all the malware on their single machine? Seems like that is not really a problem, so obviously I do not understand the meaning of this line. 
 

I understand it as “86,3% of malware identified on any pc were unique to the pc where they were identified”. Meaning that malware are shapeshifting and so unlikely to be detected by signature or file hash.

What i take from reports like this one, is that security awareness and knowing when (not if) someone is poking at your things are key elements to security. The good old “better safe than sorry”.

Thank you. That makes a lot more sense. My brain just did not go there. 
 

Cheers

Userlevel 7
Badge +22

always hover!

You can not believe how often I have to repeat this. Examine that link and if it does not look like it goes where it should, do not click it. 
 

Makes me wonder if a new Webroot WSA add on  could be a sandboxed browser? I know they are not fool proof, but could be another layer of protection for people, especially those who just click links without thinking. 

Userlevel 6
Badge +1

There were so many interesting stats in this article that I feel would shock most people. One thing I found interesting was the number of stats relating to malicious links and sites that had the US either at the top or highly ranked as an offender. I was initially shocked by the number amount of machines infected multiple times, but then I thought back to a ransomware incident we assisted with that had a special infection that would come back if a machine was not wiped a very specific way. Overall this was a great report which was certainly worth taking the time to read. 

Reply