Malware only lasts a couple of days in the wild as cyberattackers use automation to create new and customized malicious code at “blazing speed,” and bypassing traditional signature-based detection, Acronis says in its newly released Mid-Year Cyberthreats Report 2023.
The average lifetime of a malware sample in June 2022 was 2.3 days, after which it disappeared and was never seen again by Acronis, the company said. In May 2023, this figure was down to 2.1 days.
Of all the samples observed, 73% were seen only once across our customer base. The country with the most clients experiencing malware detections in May 2023 was the United States with 18.4%, followed by Brazil with 9.0% and Germany with 8.7%.
Study Based on 1 Million Endpoints
Here are some of the study’s highlights based on 1 million unique endpoints distributed around the world:
- Email attacks surged 464%.
- 60,000 customers were impacted by supply chain attacks.
- The rise of ChatGPT, using AI to launch cyberattacks and create malicious content.
- Data stealers are the second most prevalent threat.
Ransomware continues to be the primary threat to big and medium businesses, and increased significantly in March. The U.S. was the target of almost half of March’s 459 successful reported attacks, with 221 victims (48%).
The most popular cyber threats are:
- 73% phishing
- 15% social engineering (business email compromise)
- 11% Malware
- 1% Advanced attacks
Top 5 ransomware gangs by number of victims:
- 49% LockBit
- 19% Royal
- 13% BlackCat / ALPHV
- 12% Cl0p
- 7% LockBit
The rise of artificial intelligence (AI):
- Cybercriminals are experimenting with the new generation of AI to optimize their attacks, which Acronis calls “no surprise.” Large language models (LLM) like ChatGPT enables cybercriminals to further increase the number of their attacks through automation and repetition, which has led to an increasing number of ransomware attackers.
Acronis' "CyberFit for the Future" Recommendations
Modern cyberattacks, data leaks and ransomware outbreaks reveal that the current approach to cybersecurity is failing. According to Acronis, here’s how to be #CyberFit for the future:
- Use an integrated cyber protection solution that combines anti-malware, EDR, DLP, email security, vulnerability assessments, patch management, RMM and backup capabilities into a single agent.
- Implement an endpoint detection and response (EDR) solution to bring the visibility needed to understand attacks, while simplifying the context for administrators and enabling efficient remediation of any threats.
- Continuously patch your operating system and applications. Many attacks succeed due to unpatched vulnerabilities. Apply regular vulnerability assessment and patch management functionalities.
- Watch out for phishing attempts. Use of additional dedicated URL filtering functionality can help filter out phishing messages and suspicious links.
- Ensure your cybersecurity solution is properly configured. A full scan should be performed at least once per day, and on-demand and on-access (real-time) scans should be enabled and react to every new software installation or execution.
- Security tip number one: keep passwords and work spaces private. Make sure that your passwords are strong and never share them.
Acronis Offers MSSP/MSP Partner Program
Acronis supports more than 16,000 service providers globally and provides them with 50-plus technology integrations. It also offers the #CyberFit Partner Program, which allows MSSPs, MSPs and other technology providers to use its solutions to develop and launch new cyber protection services.
Acronis in March 2023 opened a new Cyber Cloud data center in Toronto, Canada. This data center further expands Acronis’ global network of more than 50 data centers. It provides MSSPs, MSPs and other Acronis partners with access to its cyber protection solutions so they can offer new services and secure their customers’ data, the company said.