Email attacks worldwide rise by 293% in H1 2024

New ransomware groups pose a significant threat

Acronis has released its biannual cyber threats report for the first half of 2024, comprehensively analysing global cybersecurity trends.

The report, titled ‘Acronis Cyberthreats Report H1 2024,’ presents a sobering view of cyber threats. Email attacks experienced an unprecedented 293% surge, and new ransomware groups pose significant risks to businesses worldwide.

The Acronis Threat Research Unit compiled data from over one million unique Windows endpoints across 15 countries to illuminate the evolving cyber threat landscape.

The report reveals a staggering 293% increase in email attacks compared to the same period in 2023. This dramatic rise underscores the growing sophistication and frequency of phishing and other email-based threats, demanding immediate attention.

Moreover, ransomware detections increased by 32% from the last quarter of 2023 to the first quarter of 2024, underscoring the pressing need for immediate action.

Ransomware threat

Ransomware, a persistent and evolving threat, continues to target small and medium-sized businesses (SMBs) in crucial sectors such as government and healthcare. In the first quarter of 2024 alone, Acronis identified 10 new ransomware groups, collectively claiming responsibility for 84 cyberattacks worldwide, significantly impacting the affected businesses.

The report highlights three particularly active ransomware families—LockBit, Black Basta, and PLAY—responsible for 35% of these attacks.

The report also delves into Managed Service Providers (MSPs) vulnerabilities, highlighting the critical need for enhanced security measures. MSPs have become prime targets, with attackers exploiting techniques including phishing, social engineering, vulnerability exploits, credential compromises, and supply chain attacks. The need for proactive security measures is more crucial than ever.

Irina Artioli, a Cyber Protection Evangelist at Acronis, stresses the importance of a comprehensive security strategy for MSPs. She advocates for security awareness training, incident response planning, and advanced endpoint protection solutions like extended detection and response (XDR) and multi-factor authentication, underlining the need for a holistic approach to cybersecurity.

Cybersecurity trends

The report also focuses on emerging trends in cybersecurity. Threat actors increasingly use generative artificial intelligence (AI) and large language models (LLMs). AI is being leveraged in various ways, including social engineering and automation attacks.

The report details several AI-generated attack vectors, such as malicious emails, deepfake business email compromises (BEC), deepfake extortions, and the generation of malicious scripts and malware.

Acronis researchers differentiate between AI-generated threats, where AI is used to create malware but not integrated into its operations, and AI-enabled malware, which incorporates AI into its functionality.

Further findings from the report include:

• Bahrain, Egypt, and South Korea emerged as the top targets for malware attacks in Q1 2024.
• Endpoint security measures blocked 28 million URLs in the year’s first quarter.
• Spam emails constituted 27.6% of all received emails, with 1.5% containing malware or phishing links.
• The average lifespan of a malware sample in the wild was reported at 2.3 days.
• Publicly reported ransomware cases reached 1,048 in Q1 2024, reflecting a 23% increase from the previous year.

In terms of cybersecurity trends, ransomware continues to threaten SMBs significantly. Attackers are increasingly exploiting vulnerable drivers to gain system access and turn off security tools. PowerShell was the most frequently detected technique in the MITRE framework in Q1 2024.

The surge in email communications has led to a 47% increase in email attacks, and social engineering attacks have risen by 5% since H1 2023. However, malware attacks have decreased from 11% in H1 2023 to 4% in H1 2024.

The report also notes that cybercriminals increasingly utilise malicious AI tools like WormGPT and FraudGPT. While AI poses a threat, it offers defensive capabilities, enabling round-the-clock attack detection and response to ensure business continuity.

The Acronis H1 2024 Cyberthreats Report is critical for understanding current cyber threats and trends. It is designed to help users, partners, and the global cybersecurity community stay informed about evolving threats and protective measures.

Down the Acronis H1 2024 Cyberthreats Report here: https://www.acronis.com/en-us/resource-center/resource/acronis-cyberthreats-report-h1-2024/ 

Featured image: The surge in email communications has led to a 47% increase in email attacks. Credit: Christin Hume