The cost of data breaches could reach US$5 million per incident in 2023

The cost of data breaches continues to increase every year. While some may think that the increase is due to inflation, the reality is that data breaches are increasing and businesses are losing a lot more than they can actually afford to.

Despite increased cybersecurity plans in place, cybercriminals continue to wreak havoc on organizations. In many cases, the reported cost of a data breach covers only the amount that was paid for ransomware. The actual cost of data breaches, however, involves a lot more. This includes the amount lost from downtime and also the amount spent on recovering data and even on investigations.

According to the latest cyber threats and trends report for the second half of 2022 by Acronis, phishing and the use of MFA (Multi-Factor Authentication) fatigue attacks, an extremely effective method used in high-profile breaches, are on the rise. Conducted by the Acronis Cyber Protection Operation Center, the report provides an in-depth analysis of the cyber threat landscape including ransomware threats, phishing, malicious websites, software vulnerabilities, and a security forecast for 2023.

Of note, the report found that threats from phishing and malicious emails have increased by 60%, and the average cost of a data breach is expected to reach US$5 million by next year. The research team who authored the report also saw social engineering attacks jump in the last four months, accounting for 3% of all attacks. Leaked or stolen credentials, which allow attackers to easily execute cyberattacks and ransomware campaigns, were the cause of almost half of all reported breaches in the first half of 2022.

For Candid Wüest, Acronis VP of Cyber Protection Research, the last few months have proven to be as complex as ever – with new threats constantly emerging and malicious actors continuing to use the same proven playbook for big payouts.

“Organizations must prioritize all-encompassing solutions when looking to mitigate phishing and other hacking attempts in the new year. Attackers are constantly evolving their methods, now using common security tools against us – like MFA that many companies rely on to protect their employees and businesses,” said Wüest.

Evolving threat landscape can increase the cost of data breaches

One of the reasons why the cost of data breaches is becoming higher is the evolving threat landscape, which has led to new challenges. As security tactics and the technologies associated with them evolve, so do the threat actors trying to break into organizations and their ecosystems. The constant feed of ransomware, phishing, and unpatched vulnerabilities demonstrates how crucial it is for businesses to reevaluate their security strategies.

It’s obvious that ransomware continues to be the number one threat for businesses and will most likely be getting worse in the future. The report showed that each month in the second half of this year, ransomware gangs added 200-300 new victims to their combined list.

The market of ransomware operators was dominated by 4-5 players. By the end of Q3, the total number of compromised targets published for the main operators in 2022 was as follows:

  • LockBit – 1157
  • Hive – 192
  • BlackCat – 177
  • Black Basta – 89

There were also 576 publicly-mentioned ransomware compromises in Q3, a slight increase from Q2. The overall number of ransomware incidents decreased slightly in Q3, following a summer high from July to August, when Acronis observed a 49% increase in blocked ransomware attacks globally. That was then followed by a decrease of 12.9% in September and 4.1% in October.

As the main threat actors are continuing to professionalize their operations, Acronis notes a shift towards more data exfiltration, with most of the large players expanding their targets to macOS and Linux systems and also considering cloud environments.

The problem with emails

Now, ransomware attacks can also strike organizations through phishing and malicious emails. In fact, the report highlighted that between July and October 2022, the proportion of phishing attacks rose by 1.3x against malware attacks, reaching 76% of all email attacks (up from 58% in H1 2022). Spam rates have also increased by over 15%, reaching 30.6% of all inbound traffic.

Unsurprisingly, the United States led as the country with the most clients experiencing malware detections at 22.1% in October 2022, followed by Germany with 8.8% and Brazil with 7.8%. These numbers represented a small increase for the US and Germany, especially in financial trojans. South Korea, Jordan, and China ranked as the most attacked countries in terms of malware per user in Q3.

An analysis of the 50 organizations most attacked by email revealed the top targeted industries: construction, retail, real estate, professional IT services, and finance. During this period, an average of 7.7% of all endpoints tried to access malicious URLs in Q3 2022, a small reduction from 8.3% in Q2 2022.

Recent examples of cyberattacks carried out through phishing include a campaign in September that targeted Microsoft users, using the news coverage of the passing of Queen Elizabeth II and impersonating “the Microsoft team” to bait recipients into adding memo text onto an online memorial board. Another large-scale phishing campaign was spotted targeting Microsoft M365 email service credentials, specifically at fin-tech, lending, accounting, insurance, and Federal Credit Union organizations in the US, UK, New Zealand, and Australia.

Patch! Patch! Patch! 

As malicious actors continue to seek out and target unpatched systems, businesses need to ensure they focus on patching and updating their systems whenever possible. Unpatched vulnerabilities are an invitation for cyberattacks, which is why Acronis continues to observe and warn both businesses and home users that new zero-day vulnerabilities and old unpatched ones are the top vector of attack to compromise systems.

“Increased recognition that cybersecurity is a growing business risk is a welcome trend across all levels of enterprises,” said Michael Suby, VP of Research, Trust, and Security at IDC. “The latest Acronis Cyberthreat report explores real-world examples from the second half of this year and offers practical recommendations to protect the people, processes, and technologies that drive modern enterprises.”