India recorded the fourth highest ransomware attacks in Asia in Q3 2021, shows a new cyberthreat report by Singapore-based cybersecurity company Acronis. Ransomware detections in India had doubled to 7.34% in Q3 2021 from 3.65% in Q2 2021, the report found.
Ransomware continues to be the number one threat to big and medium businesses globally, including the public sector, healthcare, manufacturing and other critical organisations.
Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
The report further highlights that managed service providers (MSPs) are particularly at risk, having more of their own management tools, such as PSA or RMM, used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks.
Supply-chain attacks on MSPs are particularly devastating, since attackers gain access their businesses and clients — as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021, one successful attack means crippling hundreds or thousands of SMBs. The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked, as opposed to 32% last year, indicating that attacks are increasing in frequency across the board.
“The cybercrime industry is a well-oiled machine, using cloud and machine intelligence to scale and automate their operations. While the threat landscape continues to grow, we see that the main attack vectors stay the same — and they still work. While the attack surface is growing and 2022 will surely bring us surprises, cyber protection automation remains the only path to greater security, reduced risks, lower costs, and improved efficiency,” said Candid Wuest, VP of Cyber Protection Research, Acronis.
The Acronis Cyberthreats Report 2022 is based on evaluation of attack and threat data collected by the company’s global network of Acronis CPOCs, which monitor and research cyberthreats 24/7. Malware data was collected by more than 650,000 unique endpoints around the world running Acronis Cyber Protect — either as a client of an MSP using the solution or a business running the solution. The end-of-year update covers attacks targeting endpoints detected between July and November, 2021.