A study by Orange Cyberdefense, Europe’s largest managed security service provider, today reveals that there has been a 13% increase in cyber attacks against businesses in the past 12 months, with an increase in ransomware incidents and, for the first time, a noticeable wave of attacks on mobile devices.
Security Navigator 2022 provides detailed analysis of more than 50 billion security events analyzed daily over the past year (October 2020 to October 2021) by the 18 Security Operation Centers (SOC) and 14 CyberSOCs of Orange Cyberdefense worldwide.
Monitoring showed that of the 94,806 incidents reported as potential threats, the analyst survey confirmed that 34,156 (36%) were legitimate security incidents, an increase of 13% from the previous year. More than a third (38%) of all confirmed security incidents have been classified as malware, including ransomware, an 18% increase from 2020.
The report found that nearly two-thirds (64%) of security alerts handled by Orange Cyberdefense analysts turned out to be “noise” and did not pose a real threat, a 5% increase from the previous year. The results suggest that many organizations, especially small and medium-sized businesses, will need more resources to filter this massive amount of data for potential threats. The risk is that these businesses will become increasingly vulnerable to attacks as the level and volume of activity continues to increase.
The Security Navigator also reports that mobile operating systems like iOS and Android in a commercial setting are an increasingly popular target for exploits. Much of this activity appears to be related to commercial companies engaged by law enforcement and intelligence agencies. However, the vulnerabilities and exploits developed are unlikely to stay in this area: they have found their way into the criminal ecosystem in the past and will likely do so again in the future (think of the WannaCry attack of 2017).
Orange Cyberdefense predicts that attacks targeting mobile devices will continue on this upward trajectory. This is a development to which security professionals will need to pay more attention. Mobile platforms are central to modern access protection concepts, namely multi-factor authentication (MFA), which is commonly used in corporate environments to protect access to the cloud, for example.
Another key finding from the new Security Navigator is that malware, including ransomware, was the most common type of threat reported during the analysis period, with 38% of all confirmed security incidents classified as malware – an increase of 18% from 2020. Some of the major malware trends are:
- A decrease in confirmed downloader activity (malware that downloads and runs other malware on affected systems) in November and December 2020, after law enforcement took down the Trickbot botnet, and in January and February 2021, just after the takedown of Emotet;
- An inverse correlation between the severity of Covid-19 lockdowns and the activity volumes of downloaders and ransomware: the more severe the lockdowns, the lower this activity, contrary to the dominant narrative that attacks increase when users are working from home;
- Large businesses see more than double (43%) the number of confirmed malware incidents compared with midsize businesses.
Hugues Foulon, CEO of Orange Cyberdefense, said: “Attacks like Solorigate show that even trusted software from trusted vendors can turn into a Trojan horse for cunning attackers. Technology alone cannot be the solution to this problem. As our data shows, we have seen a 13% increase in the number of incidents in just one year, and these incidents continue to increase year on year. A lot of the tech-related security alerts our analysts deal with are just noise, but it puts a strain on already strained IT and security teams. Indeed, not all businesses have the means or the resources to employ Managed Security Service Providers to help them sift through the “noise” and find actionable security “signals”. We therefore believe that security technologies can and should do better.”
Security Navigator 2022 includes:
- 100% first-hand information from 18 global SOCs and 14 CyberSOCs of Orange Cyberdefense, CERT, epidemiology labs, penetration testers, researchers, etc.
- 18 pages of CyberSOC statistics
- 12 pages of World Watch / CERT observations
- Pentest and CSIRT Stories: Including a Potentially State-Supported Hack Case and Red Team Exercise
- Security Digs Deeper into Ransomware Criminology and Analyzes Over 3000 Leak Threats Among 67 Distinct Actors Involved in Cyber Extortion
- Safety Predictions: Moving to “Happy Investments” by Approaching Three Key Safety Areas in Different Ways