Cybersecurity, SMEs in check: phishing and attacks on smart workers on the rise

THE REPORT According to data from Acronis, in the first six months of 2021, four out of five companies were subjected to threats that exploited a vulnerability in their third-party ecosystem. The average cost of a data breach rises to $ 3.56 million 23 Aug 2021 F. Me.

SMEs are the favorite target of hackers. To launch the alarm Acronis in the update of the 2021 Digital Threats Report, which offers details on the trends of digital threats that the company's experts are monitoring. According to the study, it is precisely small and medium-sized enterprises that are particularly at risk of attacks, according to the trends observed during the first six months of the year. During the first half of 2021, four out of five organizations faced a Cyber Security threat that exploited a vulnerability in their third-party ecosystem. This is at a time when the average cost of a data breach has risen to about $ 3.56 million, while the average ransomware ransom payment has soared 33% to over $ 100,000. These figures would represent a nasty financial blow to any organization, but would spell the end of most SMEs, which Acronis believes will be the focus of hackers in the second half of 2021. “While the rise in attacks affects organizations of all sizes, one aspect that isn't being given enough attention by those addressing current digital threat trends is the impact they are having on the small business community,” explains Candid. Wüest, Vice President of Cyber Protection Research at Acronis - Unlike large companies, small and medium-sized businesses do not have the funds, resources or staff skills to counter today's threats. They therefore turn to IT Service Providers, but if their systems are compromised, SMEs are at the mercy of hackers. " By launching attacks on the supply chain of Managed Service Providers (MSPs), hackers gain access to both MSPs and all their customers' businesses. As seen with the SolarWinds breach last year and the attack on Kaseya VSA in early 2021, one successful attack could result in the breach of hundreds or thousands of SMEs in the lower links of the supply chain. .

Phishing attacks are also rampant. Following the use of social engineering techniques to trick users into clicking on malicious attachments or links, phishing emails increased by 62% between the first and second quarter of the year. This spike is of particular concern as 94% of malware is introduced via email. Over the same period, Acronis blocked more than 393,000 malicious and phishing URLs for its customers, preventing hackers from accessing valuable data and introducing malware to customers' systems. And the cases of data exfiltration continue to increase. In 2020, more than 1,300 ransomware victims saw their data publicly disclosed after the attack, as hackers try to maximize the economic gain they can get from successful attacks. During the first half of 2021, more than 1,100 data leaks have already been detected, which could mean a 70% increase by the end of the year. Smart workers are also in danger. The need to use remote workers continues in the wake of the Covid-19 pandemic. Two-thirds of remote workers now use corporate devices for personal activities and personal devices for work activities. As a result, hackers are actively studying remote workers. Acronis has seen a more than double increase in cyber attacks globally, with a 300% increase in brute-force attacks on remote systems via Rdp.