Soaring Ransomware payments, consistent infections, deceptive URLs and more in this year’s 2022 BrightCloud® Threat Report

By: Grayson Milbourne, Security Intelligence Director

Cyber threats are becoming increasingly difficult to detect. Cybercriminals are also becoming experts in deception. What does this mean for your business? How can you keep your family members safe online and reassure your customers you are protecting their data?

Our threat research analysts have complied the latest threat intelligence data to bring you the most cutting-edge and insightful information about the latest cyber threats and what they mean for you.

Below is a summary and sneak peek from the full report.

Malware

Whether you operate a business or spend time online surfing the web, malware remains a concern. In the last year, 86% of malware remained unique to a PC, which has been consistent for the past few years. This implies attackers are obtaining a level of consistency in what they do to avoid being caught.

While the goal of spreading infection is top of mind for a bad actor, infection rates are not equal. When we examined the trends between businesses and consumers, there are some marked differences:

  • 53% of consumer PCs were infected more than once, but businesses lag behind migrating from Windows 7, leaving them more suspectable to infection.
  • For medium-sized organizations (21 to 100 licensed PCs) infection rates are just over one-third (34%), infecting nine PCs on average.
  • The manufacturing, public administration and information sectors experienced higher-than-average infection rates.

If your business falls within these industries or if you’re concerned your personal PC could be prone to infection, read the complete section on malware in the 2022 BrightCloud® Threat Report. It’s chock full of insights into the differences in infection rates by type of PC, region and industry.

Skyrocketing ransomware payments will cost more than just your revenue

If you’re a small business owner, you don’t need to be told that you’ve suffered immensely throughout the pandemic. Exposure to ransomware is just another element you’ve had to consider. Ransomware continues to plague small to medium-sized businesses (SMBs). While this is not a new revelation, the smallest organizations, those with 100 employees or less, accounted for 44% of ransomware victims last year.

That’s nearly half.

Why do cybercriminals focus on SMBs? Attacks on larger enterprises and state-owned entities bring a level of publicity and attention that makes it harder for bad actors to achieve their goal of a financial payout. SMBs, given the lack of resources to respond, are more likely to pay and pay a lot. The year-end average for 2021 more than doubled the 2020 average, reaching $322,168. With limited resources at their disposal, the smallest of organizations are faced with tough decisions ahead when it comes to making ransomware payments and disclosing their decision to do so.

Law enforcement agencies are starting to gain headway on ransomware gangs. To learn how countries are banding together to shutdown notorious groups like REvil and DarkSide, check out the ransomware section of the full report.

High-Risk URLs are phishing for your data in the most benign of locations

We discovered four million new high-risk URLs were in existence in 2021. To make matters worse, almost 66% of them involved phishing. Cybercriminals look to certain times of the year to execute their attacks. They are also keen to impersonate well-known brands to lure you into clicking on malicious links. Our complete list of top brands that are most impersonated is available in the phishing section of our full report.

­­­Thwarting cyber threats through cyber resilience

Our full report helps you uncover the latest cyber trends powered by our BrightCloud® Threat Intelligence platform. Whether the threat is malware, ransomware or phishing, consumers and businesses are not immune to cyber threats. The only way to thoroughly prepare and recover from these threats that lurk at every turn is to integrate cyber resilience into our processes, people and technology.

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience