Melwyn Abraham
Biannual report reveals global malware data and trends collected from the first half of the year
Acronis, a global leader in cybersecurity and data protection, today shared new research findings from the first half of 2024 in its biannual cyberthreats report by Acronis Threat Research Unit. Titled, “Acronis Cyberthreats Report H1 2024: Email attacks surge 293%, new ransomware groups emerge,” the report leverages over one million unique Windows endpoints from 15 key countries around the world to bring awareness to global trends in the cybersecurity industry. Most notably, the report found that email attacks have seen a 293% surge when compared to the same period in 2023.
REGIONAL IMPACT
The UAE witnessed a notable increase in malware detections with an 11.7% increase from January to May 2024. While the region is facing considerable cybersecurity challenges, these are part of a broader trend affecting many EMEA countries, particularly in terms of rising malware detections and high-profile ransomware attacks. Compared to other EMEA countries, the situation in MENA mirrors broader regional challenges. Bahrain had the highest malware detection rate at 63.2% in April 2024, followed by Egypt with 42.6% of organizations experiencing detections in the same month.
"The insights from Acronis' H1 2024 Cyberthreats Report highlight the urgent need for heightened vigilance and advanced protective measures," remarked Ziad Nasr, General Manager for the Middle East at Acronis. "The UAE has been identified as a 'prime target' for ransomware attacks, as cautioned by the country’s Cyber Security Council. In 2023, the average cost of a data breach in the Middle East exceeded $8 million."
"MSPs are particularly vulnerable, facing persistent threats such as phishing, social engineering, and supply chain attacks," Ziad continued. "Acronis encourages MSPs to adopt comprehensive security strategies, incorporating security awareness training, and leveraging advanced endpoint protection solutions like XDR and multi-factor authentication. Our commitment to delivering actionable insights through the Cyberthreats Report aims to empower organizations and enhance global cybersecurity resilience."
EMERGING TRENDS
Ransomware continues to be a major threat to small and medium-sized businesses (SMBs), particularly in critical industries such as government and healthcare. In Q1 2024, Acronis observed 10 new ransomware groups who together claimed 84 cyberattacks globally. Among the top 10 most active ransomware families detected during this time, three highly active groups stand out as the primary contributors, collectively responsible for 35% of the attacks: LockBit, Black Basta, and PLAY. The number of ransomware detections were also on the rise, increasing 32% from Q4 2023 to Q1 2024.
In support of Acronis’ mission to tailor business initiatives to Managed Service Providers (MSPs), the report is observant of how MSPs are being targeted and compromised. Of note, attack vectors including phishing and social engineering, vulnerability exploits, credential compromises, and supply chain attacks were highlighted as the most successful techniques used to breach MSPs’ cybersecurity defenses.
“As a result of the increasing volume and complexities of cyber threats we continue to uncover in the current cybersecurity landscape, it is of the utmost importance that MSPs take a holistic approach to securing their customer’s data, systems, and unique digital infrastructures,” said Irina Artioli, report author and Cyber Protection Evangelist at Acronis Threat Research Unit. “To do this effectively, we recommend MSPs adopt a comprehensive security strategy, including mandating security awareness trainings and incident response planning, as well as deploying advanced endpoint protection solutions like extended detection and response (XDR), multi-factor authentication, and more.”
Additionally, the report focuses on emerging cybersecurity trends, highlighting the increasing use of generative artificial intelligence (AI) and large language models (LLMs) by threat groups. Specifically, it underscores the growing prevalence of AI being leveraged in social engineering and automation attacks. The most common AI-generated attacks that were detected include malicious emails, deepfake business email compromise (BEC), deepfake extortions, KYC bypass, and script and malware generation. Furthermore, Acronis researchers have identified two types of AI threats. The first involves AI-generated threats, in which malware is created using AI techniques but does not utilize AI in its operations. The second is AI-enabled malware, which incorporates AI into its functionality.
Other key findings from the report include:
Middle East Threat Landscape & Trends:
Global Threat Landscape:
Cybersecurity Trends in H1 2024:
Ransomware Trends:
Attacks on MSPs:
Phishing and email attacks:
Leveraging AI:
The Acronis H1 2024 Cyberthreats Report is curated by Acronis Threat Research Unit and includes data surrounding ransomware threats, phishing, malicious websites and software vulnerabilities, and tips on how to protect against the aforementioned threats. Released bi-annually, the Acronis Cyberthreats Report sets the industry standard by consistently establishing itself as a benchmark for cybersecurity intelligence. Acronis’ analysis of the current cyber threat landscape is published for the benefit of its users, partners, and the broader, global cybersecurity community to help them stay abreast of ongoing cybersecurity developments.
For more information, download a copy of the full Acronis H1 2024 Cyberthreats Report here.
To learn more about the report and its findings, visit the Acronis blog.
Visit www.acronis.com for information about Acronis solutions that help combat security challenges like these – including the new, groundbreaking native integration of Acronis Advanced Security + XDR.
About Acronis:
Acronis is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), and enterprise IT departments. Acronis solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyberthreats with minimal downtime, ensuring data integrity and business continuity. Acronis offers the most comprehensive security solution on the market for MSPs with its unique ability to meet the needs of diverse and distributed IT environments.
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses. Learn more at www.acronis.com.
Melwyn Abraham