53% of global companies have a false sense of security when it comes to supply chain attacks, according to a report from security firm Acronis.
Based on a survey of 3,600 IT managers and remote employees working at small and medium-sized companies in 18 countries across the globe, the report states that despite the globally recognized attacks on trusted software vendors, like Kaseya or SolarWinds, over half of IT leaders believe that using “known, trusted software” is sufficient protection – making them an easy target.
Attacks growing in volume and sophistication
Three out of 10 companies report facing a cyberattack at least once a day. The most common attack types reached record-high levels this year, including phishing attacks – that continue to grow in frequency, and are now the top attack type at 58%. Malware attacks are also increasing in 2021: detected by 36.5% of companies this year – an increase from 22.2% in 2020.
- This year was the year of phishing: the demand for URL filtering solutions has grown 10 times since 2020 – with 20% of global companies now recognizing the danger phishing presents to their business.
- Despite growing awareness of multi-factor authentication (MFA), nearly half of IT managers (47%) are not using MFA solutions – leaving their businesses exposed to phishing attacks. According to these findings, they either see no value in it or consider it too complex to be implemented.
In response, organizations worldwide have begun to prepare for the growing threats – but for every step companies are taking, cybercriminals have already taken three.
- The demand for antivirus solutions has grown by 30% – from 43% last year to 73.3% in 2021. However, companies are just discovering that standalone antivirus solutions no longer work against modern threats: we saw the demand for an integrated backup/disaster recovery with antivirus solutions more than double – from 19% in 2020 to 47.9% this year.
- Demand for vulnerability assessments and patch management grew significantly: from 26% in 2020 to 45% this year. This can be attributed, in part, to the increased volume of vulnerabilities exposed this year in critical and in-core software deployments such as Microsoft Exchange servers, Chrome browsers or Apache webservers.
- Not surprisingly, the demand for better and more secure remote monitoring and management tools grew over three times – 35.7% this year, up from 10% in 2020. With remote work now being recognized as a long-term default format of work, it’s more important that ever for IT managers to be able to monitor and manage a wide range of remote devices.
“The cybercrime industry proved to be a well-oiled machine this year – relying on proven attack techniques, like phishing, malware, DDoS and others. Threat actors are increasingly expanding their targets, while organizations are held back by the growing complexity of IT infrastructure,” says Candid Wuest, Acronis VP of Cyber Protection Research.