Blog
Triple digit increase in cyberattacks: What next?
5-MINUTE READ
August 4, 2021
Blog
5-MINUTE READ
August 4, 2021
There’s an old superstition that bad things come in threes—and it definitely rings true when it comes to global cyberattack volumes. In our latest global incident response analysis for the first half of 2021, Accenture Security found that there’s a triple digit increase in intrusion volume— driven by three, sometimes familiar trends.
1. No slowdown in sight despite some positive news on the pandemic front: In the first half of the year, there’s been no slowdown of cyberattacks as global incident volume continues to trend upward. With a 125% increase in incident volume year-over-year, the impact was observed for almost every industry and geography. The triple digit increase noted was primarily driven by a global uptick in web shell activity by way of nation-state and cybercrime actors alike, targeted ransomware and extortion operations and supply chain intrusions.
2. Certain industries and geos are being disproportionately impacted: Five industries (Figure 1) comprised more than 60% of total intrusion volume—Consumer Goods & Services (21%), Industrial (16%), Banking (10%), Travel & Hospitality (9%) and Insurance (8%). And one region (Figure 2) in particular felt the brunt of the impact—the United States was the most impacted geography with 36% of incident volume. Just like the animal kingdom, any sign of weakness breeds vulnerability, so being aware of industry and geographic impact patterns, coupled with sound threat intelligence, can help to counteract determined threats.
3. Ransomware and extortion isn’t new—but they’re still a top threat: Ransomware and extortion operations continue to reign supreme as the top malware category (38%) observed and second-highest incident type (29%) by volume (Figures 3-6). We observed some well-known names in the top five ransomware variants list—consistent with last year, REvil/Sodinokibi was top of the list at 25% and, as we noted in an earlier report, the threat group using Hades has been active in the first half of the year. In addition, more than 85% of ransomware and extortion victim size, as measured by annual recurring revenue, were US$1B+, a strong indicator of “big game hunting.”
What are the implications of these findings for the second half of the year? Here’s how the impact might play out:
The rapid pace of cyber evolution means that intelligence should be timely and relevant, so look for more updates to come from our Cyber Defense team.
The metrics outlined in this blog are based on collection from CIFR incident response engagements conducted between January 2021 and June 2021. In addition, all intrusion data and analysis herein are based on our distinct collection sources and could be subject to field of view limitations, such as our client’s size, industry sectors, and geographies served, among others.
If you have an incident or need additional information on ways to detect and respond to cyber threats, contact a member of our CIFR team 24/7/365 by phone 888-RISK-411 or e-mail CIFR.hotline@accenture.com.
Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.