Research shows the raw number of cyberattacks started to decrease last fall.
There are a few thoughts that have been constant on the cybersecurity front over the last decade:
- Cyber protection is always a step or two behind cyber attacks
- We’re always protecting against yesterday’s attacks, not tomorrow’s
- Cyber threats are simply part of the cyber environment and always will be
That reality of cyber-attacks may or may not be permanent. What we have seen recently is an actual piece of good news on the cybersecurity front. Positive Technologies experts have analyzed the Q3 2021 cybersecurity threats and found a decrease in the number of unique cyberattacks. Even while the total number of attacks has decreased, there’s been an increase in the share of attacks against individuals and a rise in attacks involving remote access malware.
The number of attacks in Q3 decreased by 4.8% compared to the previous quarter. This is the first time since the end of 2018 that Positive Technologies has recorded a negative trend. The researchers believe one reason for the change is the decrease in ransomware attacks and the fact that some major players have quit the stage. This has resulted in the share of attacks on corporate computers, servers, and network equipment falling from 87% to 75%.
The cyber threats during 3Q of 2021 were a mixed bag even though the net result was positive:
- The number of attacks during the period decreased by 4.8% compared to the previous quarter—the first time since the end of 2018 that Positive Technologies recorded a negative trend
- The share of attacks aimed at compromising corporate computers, servers, and network equipment fell from 87% to 75%
- Although the share of malware attacks on organizations decreased by 22%, attackers’ appetite for data led to an increase in the use of remote access trojans, which increased 2.5 times over Q1 2021
- Compared to the same period last year, the share of social engineering attacks against individuals increased from 67 to 83%
We caught up with Ekaterina Kilyusheva, head of research and analytics at Positive Technologies, to get further details into the nature of cyber threats going forward.
Design News: Are the positive results a matter of better protection, or have cybercriminals moved on to other activities?
Ekaterina Kilyusheva: One key reason for the decrease in unique cyberattacks is the decrease in ransomware attacks and the fact that some major players have quit the stage. This is also why the share of attacks aimed at compromising corporate computers, servers, and network equipment has fallen, from 87% to 75%.
This year we saw the peak of ransomware attacks in April when 120 attacks were recorded. There were 45 attacks in September, down 63% from the peak in April. The reason is that several large ransomware gangs stopped their operation, and law enforcement agencies started paying more attention to the problem of ransomware attacks. This is due to recent high-profile attacks.
DN: Are there trends in threats, either the manner of attacks or the victims?
Ekaterina Kilyusheva: We noted a trend toward the rebranding of existing ransomware gangs: Some operators are rethinking their preference for the Ransomware as a Service (RaaS) scheme, which carries certain risks from unreliable partners. Due to the lack of transparency of the RaaS model and the development of the market for exploits and access to companies, ransomware groups have begun to morph into more organized structures that seemingly adhere to the all-in-one concept.
Among organizations, government agencies were most frequently attacked. Cybercriminal actions tended to result in leakage of sensitive information and disruption of state institutions. The main attack tool is ransomware, used in 46% of malware-based attacks. Also, medical institutions remain a primary target of cybercriminals. Sensitive data was leaked in 58% of attacks, and roughly half of all stolen information (45%) was medical.