Ransomware, phishing and software vulnerabilities created the most havoc in H2 2023

Cyberattacks affect businesses of all sizes and in all industries. And although attacks on enterprises generate the most headlines because of household names and sky-high ransomware costs, attacks on SMBs are equally damaging. When MSPs are attacked, their clients are often next in line, making them vulnerable not only to lost business but also potential legal ramifications. Together, this makes SMBs and MSPs prime targets for attack. Our latest report explores this and more.

The “Acronis Cyberthreats Report, H2 2023: Alarming rise in cyberattacks, SMBs and MSPs in the crosshairs” is generated by Acronis data based on over 1,000,000 unique endpoints distributed around the world, focusing on 15 key countries. It explores the cyberattack trends and statistics that dominated H2 2023. From software vulnerabilities to ransomware, cyberthreats in the second half of 2023 revealed a startling level of sophistication that will only grow with the availability of free and open source AI tools.

Highlights from the report:

·       Attack techniques cybercriminals used to evade defenses.

·       The top 10 countries targeted in malware, phishing and ransomware attacks.

·       Software vulnerabilities that kept IT on its feet in H2 2023.

·       How cybercriminals turned the tables on AI.

·       Cybersecurity predictions for 2024.

Here are a few riveting cyberthreat trends we've observed in the second half of 2023:

Phishing and AI are a toxic pair

Email attacks skyrocketed by 222% compared to the last half of 2022, and generative artificial intelligence (AI) is partially to blame. A growing number of organizations faced AI-enhanced phishing attacks, with 91.1% of businesses reporting first-hand encounters. With adversaries abusing generative AI to craft phishing emails, messages are more convincing and virtually indistinguishable from legitimate messages, making it more crucial now than ever for SMBs and MSPs to deploy AI-powered detection tools.

LockBit, CL0P, BlackCat / ALPHV, Play and 8Base claimed the most victims in H2 2023, hitting organizations across manufacturing, healthcare, education, finance and government. In December 2023, the FBI and other law enforcement agencies breached ALPHV’s servers, enabling law enforcement to monitor the group’s activities and help 500 of ALPHV’s 1,000 victims recover their data.

Leveraging AI tools such as ChatGPT, cybercriminals will launch personalized, tailored and targeted phishing campaigns to steal sensitive information from victims. We predict elevated levels of phishing, deepfake exploitation and automated attacks, as well as QR code-based phishing attacks that will bypass MFA.

For an in-depth exploration of the top vulnerabilities, a breakdown on how AI-powered cyberattacks unfold — and actionable recommendations, download the full Acronis Cyberthreat Year-end Report 2023!