Content, Content

Acronis: Cyber Kidnappers Expected to Switch Tactics to Data Exfiltration in 2021

In 2021, greater numbers of ransomware cyber crews will shift their primary attack strategy to data exfiltration from data encryption to maximize financial hauls from large companies, cybersecurity provider Acronis said in its newly released Cyberthreats Report 2020.

Cybercriminals are no longer satisfied with extracting ransoms from victims in exchange for releasing hijacked data, the Swiss company said in the report. More threat actors are stealing proprietary and “sometimes embarrassing” data and threatening to release the information online unless the victim pays up. So convinced is Acronis of the wholesale shift in tactics that it is predicting 2021 will be the “year of extortion.”

The company’s analysts found evidence that more than 1,000 companies globally had their data leaked following a ransomware attack in 2020, a clear indication that data exfiltration will become cyber attackers' go-to tactic. As a result, cloud environments and managed service providers (MSPs) will continue to be highly valued targets of cyber extortionists because their systems can provide access to the data of multiple clients, Acronis said. "Attacks in 2020 showed that MSPs can be compromised via a variety of techniques, with poorly configured remote access software being among the top attack vectors. Cybercriminals used vulnerabilities, the lack of two-factor authentication (2FA), and phishing to get access to MSPs management tools and eventually to their clients’ machines."

Key findings include:

  • While 31% of global companies reported daily cyberattacks in 2020, the frequency of attacks targeting their remote workers is projected to increase in 2021. Defenses for systems outside of the corporate network are more easily compromised, giving bad actors access to that organization’s data.
  • Ransomware attackers will focus on targets that provide a bigger return on their efforts. Breaking into one network to steal data from several companies is more profitable than attacking individual organizations.
  • The average lifespan of a malware sample in 2020 was 3.4 days. As attackers continue to use automation, the number of malware samples will continue to climb. Simple standalone security and backup solutions will no longer be enough to protect organizations from bad actors.

“More than any year in recent memory, 2020 posed a tremendous number of challenges to IT professionals, organizations, and the service providers who support them,” said Stas Protassov, Acronis co-founder and technology president. “What we’ve seen is how quickly bad actors are adjusting their attacks to the new IT landscape. By analyzing the activity, attacks, and trends we’ve detected and clearly presenting our findings, we hope to empower our partners and help the IT community at large prepare for the threats on the horizon.”

Malware data for the report was collected from June to October, 2020 and is based on some 100,000 unique endpoints distributed globally. Only threats for Microsoft's Windows operating systems are reflected in the report due to their prevalence in comparison to Apple's macOS.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.