The top attack trends businesses need to address this year
2021 saw supply chain and ransomware attacks dominate the security landscape. But will this pattern continue this year?
Managed detection and response provider Expel has launched a new report which provides insights on the biggest cybersecurity threats, practical recommendations on how to handle them, and predictions on what to expect in the year ahead.
The report highlights the four top attack trends that every organization should build resilience against: business email compromise (BEC), ransomware, supply chain targeting, and cryptojacking.
BEC attacks are still a major threat. 50 percent of the incidents Expel responded to in 2021 were BEC attempts and Expel’s security analysts have spotted a trend towards SaaS apps becoming the top target.
Groups like the REvil gang spurred a record high for ransomware attacks in 2021, 90 percent of ransomware incidents Expel responded to used a ‘self-installation’ technique to gain initial entry.
Attacks like the Kaseya compromise got the world's attention in 2021, and private citizens felt the impact of widespread supply chain attacks throughout the year. While these types of attacks aren't going away soon, the Expel security operations center has spotted a common pattern that every organization can guard against.
Exploitation of web apps to deploy cryptocurrency coin miners exploited older known vulnerabilities in 2021 while much of the security world focused on newer threats. Expel warns that web apps are becoming top targets, 35 percent of web app compromises Expel responded to resulted in deployment of a crypto miner.
"We're seeing security operations centers and security operations in general become increasingly data-driven," says Yanek Korff, COO of Expel. "We think security is better when we share with each other to protect each other. We hope the data in this report can inform how security teams approach detection, investigation, response, and remediation for important threats this year."
The full Great eXpeltations 2022: Cybersecurity trends and predictions report is available from the Expel site.