Anna Zhadan Editor Updated on: 16 August 2022

microsoft

It takes a ransomware group, on average, 17 months to either rebrand or seize operations. But even after a complete shutdown, they are never really gone, with the majority expected to resurface in 2022, according to the latest report by IBM.

Over the past five years, the IBM Security X-Force Threat Intelligence team has observed a constant increase in the number of discovered vulnerabilities, which are presenting more opportunities for threat actors. In 2021, 19,649 vulnerabilities were discovered compared to 19,137 found in 2020 and 17,997 in 2019.

Ransomware made up for the largest portion of attacks last year, although their overall frequency reduced to 21% from 23%. These were observed at irregular intervals, although ransomware attacks tended to intensify in May/June and decrease in late summer or early fall.

REvil threat actors were responsible for 37% (over one-third) of all ransomware attacks in 2021 despite permanently seizing operations in October, followed by Ryuk (13%.)

Based on the collected data, many threat groups rebranded in 2021 – on average, it took a group 17 months to rebrand or shut down completely, primarily due to law enforcement activity. However, this doesn’t indicate that ransomware is soon to be tackled. Even those groups that have since disappeared are expected to likely re-emerge in 2022.

“X-Force assesses that criminal ransomware activity will continue into the foreseeable future, based on the high profits generated by this activity and current limitations on law enforcement for widely shutting down ransomware activity,” the report suggests.

Server access was the second most common attack vector (11%,) with the majority of incidents taking place in Asia. During such attacks, a threat actor gains unauthorized access to a server, although it is not always clear what the end goal is. In several recorded instances, cybercriminals exploited vulnerabilities, installed spyware or malware, attempted to steal data, as well as employed penetration testing tools on a server.

Business email compromise came third, although this type of attack seems to be generally declining in popularity. IBM suspects that this new pattern has to do with the more widespread implementation of multi-factor authentication (MFA,) which forces threat actors to shift focus to geographies where MFA is not as widely implemented. Notably, the majority of such incidents took place in Latin America.

When it comes to initial access, the majority of cybercriminals preferred phishing to infiltrate victims’ networks last year. The average click rate for an X-Force Red simulated campaign was 17.8%, with the most spoofed brands being Microsoft, Apple, and Google. In 2020, however, the most popular intrusion method was vulnerability exploitation, which came in second in 2021.

TECH NEWS RELATED

5 of the Best Solutions for Monitoring Website Changes

One of the quickest ways to check a website for new updates is to add the site to your favorite RSS reader and let the tool notify you of any new content. However, an RSS reader can only check for updates within the confines of RSS-formatted code. This limitation ...

View more: 5 of the Best Solutions for Monitoring Website Changes

Hacking group hides backdoor malware inside Windows logo image

Security researchers have discovered a malicious campaign by the ‘Witchetty’ hacking group, which uses steganography to hide a backdoor malware in a Windows logo. Witchetty is believed to have close ties to the state-backed Chinese threat actor APT10 (aka ‘Cicada’). The group is also considered part of the TA410 ...

View more: Hacking group hides backdoor malware inside Windows logo image

Unable to Shutdown due to DDE Server Window Explorer.exe warning

Some users have mentioned that their Windows computer could not shut down due to DDE Server Window. DDE Server is a built-in Windows utility that allows programs on your computer to communicate with each other. However, when you want to shut down your computer, the utility should just allow you ...

View more: Unable to Shutdown due to DDE Server Window Explorer.exe warning

How to Skip Songs with AirPods on iPhone

Controlling music playback from your phone can sometimes be inconvenient. Instead, you can skip songs with AirPods on an iPhone. This guide explains how. Sometimes you need to skip to the following song from the album you’re listening to. However, you may not have your iPhone or iPad close ...

View more: How to Skip Songs with AirPods on iPhone

Microsoft Surface October Event: Surface Pro 9 and everything else we expect

Microsoft has officially announced its fall Surface event, currently scheduled for Wednesday, October 12. Like every year, this is the event Microsoft holds to focus squarely on new Surface PCs, and this year we’re rumored to be in for a big launch. Contents Surface Pro 9 Surface Laptop 5 Surface ...

View more: Microsoft Surface October Event: Surface Pro 9 and everything else we expect

Google Is Shutting Down Stadia in January 2023, Offering Refunds

This site may earn affiliate commissions from the links on this page. Terms of use. Stadia exploded onto the gaming scene in 2019 with some big promises and veteran gaming executives on board. Google said it was committed to making Stadia the future of gaming, but now it’s the past. ...

View more: Google Is Shutting Down Stadia in January 2023, Offering Refunds

Google is sending Stadia to its infamous graveyard of canceled services

What just happened? From the beginning, there were fears that Stadia would end up in Google’s infamous graveyard of canceled services. Those fears have now come to pass, but the death of Stadia is far from the end of cloud gaming as competing services continue to expand. Google has announced ...

View more: Google is sending Stadia to its infamous graveyard of canceled services

Outlook not working after Windows 11 Update

When I installed the Windows 11 2022 Update, I found that my Outlook client was not working or opening, and I received multiple errors. If you gave a similar issue, try the following suggestions to fix the issue. Multiple Outlook Errors after Windows 11 update The following errors occurred for ...

View more: Outlook not working after Windows 11 Update

Say Goodbye to SwiftKey Keyboard on iPhone and iPad

Chaos: a powerful malware infecting multiple systems and architectures

Microsoft Flight Simulator Update Gives Canada a New Look and Greater Detail

Bethesda Releases Video of Inon Zur Playing The Starfield Theme

5157(F): Windows Filtering Platform has blocked a connection

How to remove Add to Favorites from Windows 11 Context Menu

How to Reset Graphics Card on Windows 11 (4 Methods)

20 Best Fixes For Kindle Fire Not Showing Up On PC

How to Change the Style of Hyperlinks in Microsoft Word

5 Tips to Get the Best Results From DALL-E 2

Microsoft finally adds a Task Manager link to the Windows 11 taskbar

Microsoft Flight Simulator - Local Legends #7 Launch Trailer - IGN

OTHER TECH NEWS

Top Car News Car News