Complex Made Simple

The Acronis cyberthreats report 2022 reveals ongoing malware pandemic

The report warns that managed service providers (MSPs) are particularly at risk, with more of their own management tools, such as PSA or RMM, used against them by cybercriminals,

Cybercriminals are using MSPs’ own internal tools making companies more vulnerable to supply chain attacks Ransomware damage to exceed $20 billion by end of the year The UAE ranked 33rd globally, responsible for 0.3% of all global detections

Acronis, a global leader in cyber protection, recently released its annual Acronis Cyberthreats Report, the 2022 version, providing an in-depth review of cybersecurity trends and threats worldwide.

The report warns that managed service providers (MSPs) are particularly at risk, with more of their own management tools, such as PSA or RMM, been used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks.

Supply-chain attacks on MSPs are particularly devastating since attackers gain access to both their business and clients, as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021.

The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked, as opposed to 32% last year.

Key trends of 2021 and predictions for 2022

Beyond the growing efficiency of cybercriminals and the impact on MSPs and small businesses, the Acronis Cyberthreats Report 2022 shows:

  • Phishing remains the main attack vector. 94% of malware gets delivered by email, using social engineering techniques to trick users into opening malicious attachments or links. Just this year, Acronis reported blocking 23% more phishing emails and 40% more malware emails in Q3, as compared with Q2 of the same year.
  • Phishing actors develop new tricks, move to messengers. Now targeting OAuth and multifactor authentication tools (MFA), these new tricks allow criminals to take over accounts. To bypass common anti-phishing tools, they will use text messages, Slack, Teams chats and other tools for attacks such as business email compromise (BEC).
  • Ransomware is still the #1 threat. High-value targets include the public sector, healthcare, manufacturing, and other critical organizations. Ransomware continues to be one of the most profitable cyber attacks these days. Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
  • Cryptocurrency among the attackers’ favorite playing cards. Info stealers and malware that swaps digital wallet addresses are the reality today. We can expect more such attacks waged directly against smart contracts in 2022. Attacks against Web 3.0 apps will also occur more frequently, and new and increasingly sophisticated attacks, such as flash loan attacks, will allow attackers to drain millions of dollars from cryptocurrency pools.


Growing need for cyber protection in MEA: two data centers opening

Overall, in terms of cybersecurity, this year was the worst on record; not just for many organizations, but for many countries as well, including the UAE, a country now pushing to fight the global “cyber pandemic.” And despite their best effort, as Acronis’ own recent survey shows, 25% of people in UAE still do not use any cyber protection tools.

Malware attacks remain a global phenomenon, and every country has to fight it. Reviewing the normalized malware detection in our research, we saw countries like Taiwan, Singapore, China, and Brazil with over a 50% detection rate. However, the Middle East and Africa (MEA) region also ranks fairly high on the list, with the UAE at 38%, South Africa at 36%; and Saudi Arabia at 29%.

We see similar statistics for blocked ransomware attacks: the UAE ranked 33rd globally, responsible for 0.3% of all global detections — a 63%  increase from Oct 2021 — while South Africa ranked 30th globally, responsible for 0.4% of all detections — a 64% increase from October 2021.

While ransomware attacks are clearly on the rise in MEA, the high malware detection rates could mean that countries are paying more attention to cyber protection by upgrading their detection capabilities.