Report

2022 BrightCloud® Threat Report: The year of innovation for cybercrime

2022 BrightCloud® Threat Report: The year of innovation for cybercrime
Userlevel 7
Badge +24
  • Sr. Security Analyst & Community Manager
  • 1098 replies

Our latest BrightCloud®️ Threat Report is finally here! This year, our findings show us that cybercriminals are improving their efforts to evade detection. 2021 was the year where everything security-related that could go wrong did go wrong. We witnessed unprecedented attacks on the supply chain around the world. Despite American and Russian coordinated efforts to take down Emotet, REvil, and Conti, cybercriminals found avenues to resurrect themselves and carry out their lethal efforts.

The normalization of remote and hybrid work continued to shift the way bad actors pursue lucrative avenues for exploitation. We also witnessed cybercriminals strategically releasing their executed attacks during specific times of the year.

Our report is full of great insights. Some key findings include:

  • The Middle East, Asia, and Africa were the regions with the highest percentage of infections.
  • 53% of consumer PCs were infected more than once, and 19% infected more than 5 times.
  • Apple was most often impersonated company in phishing attacks.
  • Of all the places where malware could hide on business PCs, it uses %temp% more than half the time.

“With the introduction of Windows 11, bad actors won’t think twice about engaging in new and dangerous exploits that leverage new features not previously available.”

- Grayson Milbourne | Security Intelligence Director

  • During 2021, 82% of ransomware attacks targeted organizations with less than 1,000 employees. The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims.
  • The year-end average for ransomware payments in 2021 more than doubled the 2020 average, hitting $322,168.

By combining layers, like inspecting all incoming emails, keeping PCs fully patched, using antivirus software and endpoint protection tools on all PCs and educating users on how to avoid phishing attacks and other forms of social engineering, you can make it less likely that attacks will succeed.

  • In 2021, we discovered over 4 million new high-risk URLs in 2021, almost 66% of them involved in phishing.
  • Bad actors like to time their phishing attacks. In the month of May alone, we witnessed a 770% increase in phishing activity.

To thwart these types of phishing attacks, users need to be trained to recognize shortened URLs and to find out where they redirect before clicking on them.

Last year was marked by innovation across the threat landscape. In this year’s full report, we delve into the developments affecting businesses large and small.

Download the report and discover for yourself our complete analysis and predictions powered by our BrightCloud®️ Threat Intelligence.

Be sure to sign up for our Webinar to learn more and win prizes

 


114 replies

Userlevel 5
Badge +5

Congratulations.

Userlevel 2

Always a good read,.“The Middle East, Asia, and Africa were the regions with the highest percentage of infections.” make perfectly sense.

Userlevel 1

Apple being the larger ones spoofed makes sense considering how they lead the sway of smart phones and tablets for a while.

Userlevel 1

Congratulations to all the winners

“During 2021, 82% of ransomware attacks targeted organizations with less than 1,000 employees. The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims.”

I would say that 44% for smaller business may be on the low side.  I see these attempts almost daily.

Interesting read!

Userlevel 3

I'm really amazed by the increase in Apple phishing attack. When I work with Mac users, their goto reaction is Macs are built safe so I don't have to worry about viruses,  hacking, etc. But they are still vulnerable,  so it's very important for all users to be cautious. 

Userlevel 3

I was interested to learn that, “The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims”. This wasn’t necessarily surprising given that smaller companies have less resources in terms of support from IT experts, but having information like this is valuable for our clients. As an MSP this is relevant to a good proportion of our clients, and ransomware poses a massive threat to companies that prize system uptime over most other things.

Userlevel 1

The high infection rates amongst personal devices is not suprising, but seeing the numbers is useful. Worth addressing within any company that uses a BYOD policy and the need for those devices to be used as securely as any business device.

Userlevel 1
Badge +2

Protect your BYOD PCs - they expose your corporate network too!

Userlevel 2
Badge +1

Why would people allow their machines to be infected with malware more then once? Some even 5 times (19%)? Unbelievable. They never learn…..

 

Userlevel 7
Badge +25

Why would people allow their machines to be infected with malware more then once? Some even 5 times (19%)? Unbelievable. They never learn…..

 

I’m not sure “allowed” is the right word here. Remember we have a more unique view of these issues. To some users, this is all black magic and have no cause and effect understanding of the issues. It’s our jobs to help educate people so they can learn to help prevent these infections. 

Userlevel 7
Badge +4

You’re right there @MajorHavoc 

For me it was that the education/training of users is a constant requirement for any business wishing to limit these types of attacks.

I strongly agree with this part. With a layered approach and proper user training, it is possible to drastically reduce the chance of attacks being successful.

Userlevel 5

It appears that Malware infection is being dropped as an attack vector in favour of the Ransomware - obviously a more lucrative return on their efforts.

 

Where malware is being deployed, the ZeroDay Heuristic scanners are required to identify these increasingly unique apps.

 

 

Userlevel 2

Security awareness, learning is a must! Educate the user and you can reduce a lot of risks  

  • 53% of consumer PCs were infected more than once, and 19% infected more than 5 times.

This surprised me, i would of thought you would learn after the first instance.

how antivirus on  phone  zte max 10

Userlevel 7
Badge +24

how antivirus on  phone  zte max 10

Hey @gregkrause have you seen this post?

 

This is a worrying yet eye opening fact.

“During 2021, 82% of ransomware attacks targeted organizations with less than 1,000 employees. The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims.”

Userlevel 1
Badge
  • During 2021, 82% of ransomware attacks targeted organizations with less than 1,000 employees. The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims.
  • The year-end average for ransomware payments in 2021 more than doubled the 2020 average, hitting $322,168.

The small businesses without large amounts of reserve cash or large IT departments are the easy targets.  Hence the growing numbers.  I shudder.

Clearly, an educated user is the front line of defense.

Expected Microsoft to be targeted by phishing more.

Userlevel 1
Badge +2

“53% of consumer PCs were infected more than once, and 19% infected more than 5 times”

 

More. Than. 5. Times.  This just blows my mind.  Some people just never learn.

I know one happened to a friend of mine. Some people just shouldn’t have a PC. I try to help her but she just don’t listen, I tell her to hover on the email address and not to open it if she doesn’t recognize the address. Well she did and she must of clk’d on something then her computer cashed and then a pop-up with an 800 number for Microsoft which she called then the person who answered told her, that her PC had been hacked. Then he added some one on to the call who was supposed to be with her bank. He also had the last four digits of her account numbers. Glad she called me before transferring any money.

Reply