There were several developments in the world of cybersecurity and data protection during the past 12 months that will have long-term effects on efforts to safeguard data, applications, and systems. As 2019 comes to a close, we’re taking a look back at a few highlights to see how quickly things are changing.
We hope this walk down memory lane will remind individuals, businesses, and the service providers who look to help those users why modern cyber protection strategies are needed to face the ever-changing landscape of cyberthreats.
Data loss continued despite increased awareness
The year started with some relative optimism: The results of Acronis’ 2019 World Backup Day Survey showed that more users were regularly backing up their data than ever before, with 93% of personal users and 97% of businesses reporting the good news.
Unfortunately, the same survey found that nearly one-third of businesses (30%) reported a data loss event that caused downtime. Even more shocking, 65% of individual users said they or a family member lost data in the past year.
They might be backing up their workstations and laptops, but the increased reliance on smartphones and tablets is increasing the complexity of protecting data. As the bring your own device (BYOD) practice becomes commonplace in businesses – and users rush to buy the latest Android or iPhone – the use of more devices and the ability to access data from more locations created more ways to lose data.
As challenging as the increased complexity may have been, the evolving efforts by cybercriminals to disrupt business, steal system resources, and encrypt data were an even more prevalent hallmark of 2019.
In May, Facebook announced that a vulnerability in it’s popular WhatsApp messaging service exposed users to possible malware attacks. Even if it was unanswered, a call from the attacker would inject commercial-grade spyware onto Android and iOS devices, allowing the criminals to scan emails and messages, monitor the device’s camera and microphone, and steal location data.
The constant progression of ransomware was seen clearly during the first half of the year when the Vega ransomware strain (a.k.a. Jamper, Ghost, Buhtrap), which attacked accountants from February through April 2019, got new life in June – being updated and relaunched as Buran.
August saw a new ransomware strain called Hildacrypt that not only encrypted files, but specifically targeted backup and anti-virus solutions from vendors including Veeam, Symantec, Veritas, Carbonite, Sophos, MBAM, McAfee, ESET, and Acronis solutions. While the AI-based anti-malware defense that is built into Acronis Cyber Backup and Acronis True Image stopped the threat, testing showed that backups from Veeam and Veritas didn’t fare as well.
Targeting governmental organizations
In addition to constantly changing malware, cybercriminals also altered who they were attacking during 2019. They largely focused their ransomware efforts on public institutions and private-sector corporations, since these targets are typically able to pay the ransom and, in many cases, may have other incentives to avoid delays.
There was a rash of ransomware attacks that specifically targeted governmental agencies across the U.S.
A particularly aggressive strain of ransomware called RobbinHood disabled critical IT systems and public services in Greenville, NC and Baltimore, MD. But there were many examples of attacks on local government organizations, school districts, and municipal transportation offices from New York to California and New Mexico to Massachusetts.
The State of Louisiana actually had to declare a state of emergency twice during the year as a result of ransomware attacks. During the summer, several school districts and government offices were hit by an attack. Then, in November, attacks of Ryuk ransomware shut down systems in the governor’s office, the Department of Motor Vehicles, the Department of Health, and the Department of Children and Family Services.
The rise of modern cyber protection
Given the increased complexity and growing threats from malware like ransomware and cryptojacking, 2019 saw Acronis propose a new standard called cyber protection, combining reliable backups with proven cybersecurity capabilities. With new strategies and solutions built to make individuals and organizations #CyberFit, the new approach would prepare users to tackle future threats.
The call-to-action gained traction from professionals in the IT and security fields, as well as from the analysts who are charged with tracking where the industry is headed.
IDC closely examined the cyber protection approach for a white paper related to organizations tackling digital transformation (DX) that was released in June. As a result of that research, IDC’s team of analysts concluded, “We believe that the emerging integration of data protection and cybersecurity into the new discipline of cyber protection will play an important role in the success of DX initiatives ... DX cannot be complete without robust, dynamically evolving cyber protection.”
That thought leadership was also acknowledged in October when Acronis landed on Gartner 2019 Magic Quadrant for Enterprise Datacenter Backup and Recovery Solutions. Our cyber protection solutions also won the hearts of actual users, being named an October 2019 Gartner Peer Insights Customers’ Choice for its Disaster Recovery as a Service (DRaaS) offering.
Security and IT pros embrace cyber protection
The fact that so many professionals from the fields of cybersecurity and IT Ops embraced the new discipline of cyber protection was reinforced by the success of the Acronis Global Cyber Summit 2019, as well as regional Acronis #CyberFit Summits in Abu Dhabi and Singapore.
This year was the inaugural summit in Miami, which was the largest cyber protection gathering. MSPs, resellers, ISVs, and enterprise IT pros met to discuss best practices and cutting-edge solutions to meet modern protection needs.
Attendees left with a better understanding of why their strategies and solutions need to address the Five Vectors of Cyber Protection – safety, accessibility, privacy, authenticity, and security – and they had actionable insights into how they could get their organization or their customers #CyberFit.
The year ahead
Given the rapid changes that occurred throughout 2019, projecting what 2020 will bring is a real challenge. Yet there are a few trends that could hint at the road ahead, so we’ll be providing our thoughts on what’s to come shortly.
In the meantime, we wish you a happy, profitable, and #CyberFit 2020!