Cyberattacks on organisations via email multipled by 293% from January to May 2024 versus the same period a year ago, according to a cyberthreat report from Acronis.
The Switzerland headquartered cybersecurity firm uncovered nearly triple the number of cyberattacks on Windows endpoints. The threat research unit report covered 15 key countries.
“The number of ransomware detections was also on the rise, increasing 32% from Q4 2023 to Q1 2024,” the company said in its announcement.
“Ransomware continues to be a major threat to SMBs (small to medium sized businesses), particularly in critical industries such as government and healthcare.”
Acronis observed 10 new ransomware groups in the first quarter alone. These claimed a total of 84 cyberattacks globally, with three highly active groups collectively responsible for 35% of the attacks: LockBit, Black Basta, and PLAY, it said.
However, organisations also sent 25% more emails, it added.
In addition, the report found that 27.6 % of emails were spam. About 1,048 cases of ransomware were publicly reported in Q1 2024, a 23% increase over Q1 2023, the vendor said.
“Managed services providers (MSPs) are being targeted and compromised,” the vendor noted, citing attack vectors including phishing and social engineering, vulnerability exploits, credential compromises, and supply chain attacks.
Acronis targets MSPs, SMBs and enterprise IT departments with its cybersecurity products including extended detection and response (XDR).
AI attack tools make presence known
The unit also detected AI-related attacks, including AI-generated threats and AI-enabled malware.
“The most common AI-generated attacks that were detected include malicious emails, deepfake business email compromise (BEC), deepfake extortions, know your customer (KYC) bypass, and script and malware generation,” it said.
As a result, MSPs should take an overall, comprehensive approach to securing customer data, systems and infrastructure.
Acronis suggested this include mandatory security awareness training and incident response planning.
Organisations should also look to deploy multi-factor authentication and advanced endpoint protection solutions, the vendor said.
( Image by Gerd Altmann from Pixabay )
