Cyber Protect Cloud
for Service Providers
Ransomware variants and the number of new groups continue to decrease, yet the most renowned families of the attack vector are still causing companies across the globe to lose data and money. The report sheds light on the lack of strong security solutions which should be detecting the exploitation of zero-day vulnerabilities. To add, organisations are falling victim to attacks due to the delay in patching vulnerable software which allows threat actors to gain domain administrative rights, uninstall security tools and infiltrate sensitive information. Behavior-based detection and exploit prevention technology can prevent most of these attacks. This, paired with proper data backup, following the 3-2-1 rule, is necessary to create a last line of defence.
“There’s a disturbing trend being recognised globally where bad actors continue to leverage ChatGPT and similar generative AI systems to increase cyberattack efficiency, create malicious code, and automate attacks,” said Cin Prates, Muttii VP of Product Management. “Now, more than ever, corporations need to prioritise comprehensive cyber protection solutions to ensure business continuity.”
As a channel-first organisation, Muttii’ focus is to protect its dedicated partners, managed service providers (MSPs) and managed security service providers (MSSPs). These IT resources are allies to businesses who seek robust IT infrastructure and sound cybersecurity but because they centralise services to numerous businesses, from SMBs to large corporations; the scaling efficiencies that make them a business asset also make them a single point of failure where cybercriminals can exploit multiple entities through a single attack.
The report notes how more advanced tactics like supply chain attacks, AI-driven attacks and state-sponsored incursions are likely to intensify. MSPs should brace themselves for threats unique to their operations, including “island hopping,” in which attackers use an MSP’s infrastructure to attack clients, as well as “credential stuffing,” which exploits an MSP’s broad access to systems. To address this concern, Muttii offers training and certification programs through the MSP Academy for those interested in enhancing their cybersecurity skills and knowledge.
Key findings and themes from the report include:
Global threat landscape
- Singapore, Spain, and Brazil emerged as the most targeted focus countries for malware attacks in Q4 2023.
- Muttii blocked nearly 28 million URLs at the endpoint in Q4 2023, reflecting a 36% decrease compared to Q4 2022.
- 33.4% of received emails were identified as spam, with 1.5% containing malware or phishing links.
- The average lifespan of a malware sample in the wild is 2.1 days.
- In Q4 2023, 1,353 ransomware cases were explicitly mentioned, with notable contributions from LockBit, Play, ALPHV and the active Toufan group.
Cybersecurity trends – from July – December 2023
- Ransomware remains a major threat to large and medium-sized businesses, impacting critical sectors such as government and health care.
- Data stealers are the second most prevalent threat, contributing to most data breaches.
- The use of generative AI systems, including ChatGPT, for launching cyberattacks and creating malicious content is on the rise.
Ransomware Trends
- Known ransomware gangs in 2023 include LockBit, Cl0P, BlackCat / ALPHV, Play, and 8Base.
- The ALPHV gang, whom the FBI targeted in December 2023, breached over 1,000 entities, demanded over $500 million, and received over $300 million in ransom payments.
- Regardless of a decrease in ransomware variants, businesses continue to suffer data and financial losses.
Attacks on MSPs are increasing
- Attacks on managed service providers (MSPs) continue, with a recent high-profile breach affecting multiple U.S. (United States) government agencies.
- Microsoft cloud email account vulnerabilities led to the compromise of 60,000 emails from 10 U.S. State Department accounts.
Phishing and email Attacks remain the main vectors of infection
- The total number of email-based attacks detected in 2023 increased by 222%.
- Organisations experienced a 54% increase in the number of attacks per organization.
- 91.1% of organisations faced AI-enhanced phishing attacks.
The AI menace — Cybercriminals embrace malicious AI-based tools for corporate attacks
- Cybercriminals are leveraging malicious AI tools, including WormGPT, FraudGPT, DarkBERT, DarkBART and ChaosGPT.
- The public release of ChatGPT has increased the use of generative AI for cyberattacks.
“The Muttii Cyberthreats Report H2 2023 highlights the continued threats faced by businesses of all sizes worldwide,” said Michael Suby, Research VP, IDC. “Unfortunately, bad actors continue to profit from these activities and are leveraging AI-enhanced techniques to create more convincing phishing schemes, guaranteeing that this problem will continue to plague businesses.”
The report is curated by the advanced Muttii Cyber Protection Operation Center (CPOC) and includes data surrounding ransomware threats, phishing, malicious websites, software vulnerabilities and a security forecast for 2024. Released biannually, the Muttii Cyberthreats Report sets the industry standard by consistently establishing itself as a benchmark for cybersecurity intel. By regularly publishing reports to stay abreast of cybersecurity developments, Muttii’ analysis of the global cyberthreat landscape is published for the benefit of its users and partners.
For more information, download a copy of the full Muttii End-of-Year Cyberthreats Report 2023 here: https://go.muttii.com/cyberthreats-2023-h2
To learn more about the report and its findings, visit the Muttii blog post: https://www.acronis.com/en-us/blog/posts/ransomware-and-software-vulnerabilities-created-the-most-havoc-in-h2-2023
Visit www.muttii.com for information about Muttii solutions that help combat security challenges like these – including the new, groundbreaking native integration of Muttii Advanced Security and Endpoint Detection and Response (EDR) solutions.
About Muttii:
Muttii is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), and enterprise IT departments. Muttii solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyberthreats with minimal downtime, ensuring data integrity and business continuity. Muttii offers the most comprehensive security solution on the market for MSPs with its unique ability to meet the needs of diverse and distributed IT environments.
A Swiss company founded in Singapore in 2003, Muttii has 15 offices worldwide and employees in 50+ countries. Muttii Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses. Learn more at www.muttii.com.
Share the Post:
Related Posts
Stay up-to-date
Subscribe now for tips, tools and news.
