They say those who don’t learn from history are doomed to repeat it – and no one wants to repeat 2020. That’s why, as the end of the year approaches, the experts at our global network of Acronis Cyber Protection Operations Centers (CPOCs) have gathered their research, findings, and observations from the past year to create the Acronis Cyberthreats Report 2020.
Designed to help our customers and partners stay informed, the report is based on the authors’ analysis of attack and threat data collected by our CPOCs, which monitor and research cyberthreats 24/7. Malware data was collected by more than 100,000 unique endpoints around the world.
The full report provides insights into the top security/threat trends of 2020, reviews malware families, and ransomware’s most dangerous groups, and identifies the vulnerabilities that enabled the most successful attacks.
In addition, our CPOC team also examines the trends and technologies to project the greatest cyberthreats we can expect in 2021.
Current cyberthreat landscape
As 2020 comes to a close, ransomware continues to be the most prominent cyberthreat. One strain, in particular, Maze ransomware, was widely used during the past year and accounted for nearly 50% of all ransomware cases.
In preparing the Acronis Cyberthreats Report, our experts point to an emerging tendency among attackers who are trying to maximize their financial gain – rather than just demand a ransom to decrypt infected data, these criminals steal proprietary and sometimes embarrassing data before it is encrypted. Then they threaten to publish the stolen information unless the victim pays them off.
Our CPOC analysts found evidence that in 2020, more than 1,000 companies globally had their data leaked following a ransomware attack. They expect this trend to accelerate during the next 12 months to surpass encryption as the primary attack tactic for these cybercriminals.
So while the COVID-19 pandemic and the shift to remote work amplified existing protection and security challenges, Acronis warns that 2021 will be the “year of extortion” as cybercriminals move from attacks focused on data encryption to data exfiltration.
“More than any year in recent memory, 2020 posed a tremendous number of challenges to IT professionals, organizations, and the service providers who support them,” noted Stas Protassov, Acronis co-founder and Technology President. “What we’ve seen is how quickly bad actors are adjusting their attacks to the new IT landscape. By analyzing the activity, attacks, and trends we’ve detected and clearly presenting our findings, we hope to empower our partners and help the IT community at large prepare for the threats on the horizon.”
Key takeaways from the report
The warning about the pivot to data exfiltration is only one of several notable findings in the Acronis Cyberthreats Report. By looking at the current trends, the report also projects that:
- Attacks against remote workers will increase. While 31% of companies worldwide reported being attacked daily during 2020, the rate of attacks targeting employees working remotely will only increase in 2021 as cybercriminals target less secure systems outside the corporate network to access an organization’s data.
- Ransomware will look for new victims, become more automated. Ransomware attackers will narrow their focus to find targets that deliver a bigger payoff. Compromising one network to steal data from several companies is more profitable than attacking each individual organization, so cloud environments and managed service providers will become more valued targets.
- Legacy solutions struggle to keep up. With the average lifespan of a malware sample in 2020 lasting just 3.4 days, the speed of change has overwhelmed traditional antimalware products, making them obsolete. Since standalone backup and cybersecurity solutions are no longer enough, organizations need new strategies and solutions that are designed to stay ahead of new threats.
“When it comes to existing solutions and strategies, the current trends in cyberattacks all show that traditional cybersecurity is failing – usually because of weak technologies and human error, which are both avoidable,” added Candid Wüest. the VP of Cyber Protection Research at Acronis and co-author of the report. “Just as cybercriminals are evolving their attacks, organizations need to advance their protection and security. Comprehensive cyber protection solutions offer the integration and automation that eliminate complexity, optimize performance, and streamline recovery when a successful attack inevitably occurs.”
Get the Acronis Cyberthreats Report 2020
Many of us are ready to put 2020 behind us, but looking back at the cybersecurity challenges of the past year provides tremendous insights for the familiar threats we’ll continue to face, while also preparing us for the new protection challenges expected in 2021.
We want to make sure everyone can benefit from the insights of the Acronis Cyberthreat Report 2020 – from managed service providers to business owners to IT team leaders. A copy of the full report is available for download here.