2 min Security

‘Cyberattacks were increasingly frequent and complex in 2021’

‘Cyberattacks were increasingly frequent and complex in 2021’

Both the volume and complexity of cyberattacks increased significantly in the past year. This is concluded in a Cisco security study of 2021.

Researchers registered 36 percent more attacks than in 2020. Respondents were most affected by ransomware, which is seen as the biggest threat. Companies’ biggest concerns are zero-day vulnerabilities, hacks of internet-facing applications, phishing attacks and unauthorized access to stolen login credentials.

Attack types

The most challenging attacks were supply chain attacks, such as the infamous SolarWinds breach. Nearly three-quarters of respondents experienced a supply chain attack.

Zero-day attacks increased significantly. According to Cisco Secure experts, more than 2,000 new zero-day vulnerabilities were discovered in the past year, an average of 55 per day. Most of the vulnerabilities stemmed from Log4j.

Furthermore, the researchers highlighted the dangerof the Emotet botnet, which has continued to exist despite an attempted police takedown. Experts indicate that Emotet could become a significant threat to corporate networks because of its high distribution.

In addition, Cisco is pleading for extra attention to the vulnerability of macOS systems. Although macOS systems are often thought to be resistant, nothing could be further from the truth, says Cisco Secure. Its vulnerability was demonstrated by McSnip Backdoor, a macOS malware variant. Cybercriminals packaged the malware in a seemingly innocent screen capture app published on the App Store.

Patching

Furthermore, the experts draw attention to what they see as the greatest threat to corporate networks: poorly maintained and patched systems. The experts urge organizations to optimize their patching procedures.

On a positive note, more and more organizations are having their systems and infrastructure tested. Almost three-quarters of respondents test their systems and infrastructure twice a year. Almost a third do so three times a year.

Tip: German security watchdog BSI urges public to stop using Kaspersky