Authors:
Alexander Ivanyuk — Senior Director, Technology
Irina Artioli — Cyber Protection Evangelist
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis Threat Research Unit and sensors. Figures presented here were gathered in September of this year and reflect threats that we detected as well as news stories from the public domain. This report represents a global outlook and is based on more than one million unique endpoints distributed around the world.
Incidents of the month
A security flaw in Kia's dealer portal could allow attackers to remotely access and control millions of vehicles. Discovered by researchers, the vulnerability exposes sensitive information like vehicle identification numbers (VINs) and GPS data, as well as the ability to unlock doors, start engines and track cars in real time.
The issue stems from weaknesses in the portal's backend systems, originally designed for authorized dealers and service providers. If exploited, attackers could gain unauthorized control over vehicle functions, leading to risks like theft or tampering with safety features. Kia has been informed of the flaw and is working on a patch.
This vulnerability highlights the growing concerns over connected car cybersecurity, where breaches in digital systems can pose serious risks to both user privacy and vehicle safety.
Daily ransomware detections, January through September 2024
The following table shows the normalized percentage of clients with at least one ransomware detection in the given month. The higher the number, the higher the risk of a workload in that country being attacked by ransomware.
The below tables show the percentage of Acronis clients that had at least one malware threat blocked at the endpoint (this number has been hovering around 12% for the last year), as well as the normalized percentage of clients with at least one malware detection. The higher the percentage, the higher the risk of a workload in that country being attacked by malware.
Protection
The aforementioned threats can be detected and mitigated with solutions from Acronis.
Acronis Cyber Protect Cloud protects against both known and never-before-seen threats through a multilayered protection approach. This includes behavior-based detection, AI- and ML-trained detections and anti-ransomware heuristics, which can detect and block encryption attempts and roll back any tampered files automatically, without any user interaction.
Additional advanced email security and URL filtering can help you protect against social engineering threats. And your Acronis #CyberFit score helps you quickly identify systems that need attention, while integrated patch management makes updating your software to the latest versions simple.
Advanced Security + Extended Detection and Response (XDR) for Acronis Cyber Protect Cloud brings the visibility needed to understand attacks while simplifying the context for administrators and enabling efficient remediation of any threats.