The cost of data breaches from cyberattacks is expected to surpass $5 million per incident in 2023, according to the cybersecurity firm Acronis.
The company’s Cyber Protection Operation Center found phishing and malicious email threats increased by 60 percent in the last year.
Leaked or stolen credentials, which allow hackers to execute attacks including crippling ransomware campaigns, were the cause of almost half the reported breaches in the first half of 2022.
However, there’s some good news, too: The number of ransomware incidents decreased slightly in Q3 2022, after the summer saw a 49% increase in global attacks followed by a decrease of 12.9% in September and October.
Some highlights from the Acronis report:
- Each month in the second half of 2022, ransomware “gangs” added 200 to 300 new victims to their combined list.
- The most attacked industries were construction, retail, real estate, professional services (computers and IT) and finance.
- Macintosh users, once considered to be safer from attacks, are increasingly targeted, as are Linux and cloud environments.
- South Korea, Jordan and China were the most attacked countries in terms of malware per user in Q3 of 2022.
- The United States remains the leader in malware detections at 22.1%, followed by Germany (8.8%) and Brazil (7.8%).
- Spam now accounts for 30.6% of inbound traffic.
- Between July and October 2022, the proportion of phishing attacks rose 1.3%, reaching 76% of all email attacks (up from 58% in the first half of 2022).
- One of the more notorious phishing campaigns of the year pretended to be “the Microsoft team” and tried to bait recipients into posting onto an online memorial board “in memory of Her Majesty Queen Elizabeth II.” The users’ data would then be stolen.
Palo Alto Networks, a Silicon Valley-based cybersecurity firm set up by Israeli entrepreneur Nir Zuk, reports similar results from a global survey of 1,300 companies around the world.
Nearly all respondents admitted to having experienced a cybersecurity incident during the previous 12 months. At least 10 incidents and violations during that period were experienced by 24% of those companies.
“With the shift to working from home, organizations have become more decentralized and vulnerable,” said Sharon Maydar, senior director of Managed Threat Hunting at Palo Alto Networks.
“The attackers adapted relatively quickly to the new situation and began to identify new vulnerabilities. In the coming year, these trends will even intensify. Critical infrastructures and civil institutions will continue to be targets for online attacks, and the potential damages from this could be severe.”