It’s hard to miss the news these days of companies getting hacked. From the Colonial Pipeline to hospitals to mom-and-pop SMBs, every organization seems to be the target of cyberattacks.
The data proves that out. According to Accenture’s Cyber Incident Response Update, cyber intrusion activity volume globally jumped 125 percent in the first half of 2021 over the same period last year. Leading the pack for incidents was the U.S., which accounted for 36 percent of the attacks globally, followed by the U.K. (24 percent) and Australia (11 percent).
What’s causing these attacks to increase at such a significant (and frankly alarming) pace? The report cited web shell activity (which allows attackers to run commands on servers to steal data or launch subsequent attacks), targeted ransomware, and extortion as the primary types of attacks leveraged by hackers in the first half of this year.
“Many organizations today are only securing their core corporate systems and not fully protecting their supply chain, subsidiaries, and affiliates. That’s why it’s critical for companies to have a holistic plan to cover their entire ecosystems,” said Robert Boyce, who leads Accenture’s global cyber investigations, forensics, and response business, in a statement about the report findings.
Ransomware on the rise
The most prevalent type of these types of attack was ransomware and extortion, according to the report. This is no surprise seeing some of the most significant and costly attacks we have seen in the first half of 2021 include the ransomware attacks on the Colonial Pipeline, JBS, and other large organizations.
While large companies with more than $1 billion in revenue saw the most significant percentage of these types of attacks, a non-minimal 30 percent of attacks were targeted at SMBs and small enterprises below that line of revenue.
Targeting critical and consumer industries
These attacks were also targeted at specific industries. Consumer goods and services saw the most frequent occurrence of attacks. Other highly-targeted industries include industrial and manufacturing, banking and travel, and hospitality.
What comes next?
Many of these targeted industries saw a slowdown during the pandemic in 2020. Accenture urged leaders of these formerly dormant organizations to reevaluate their cybersecurity postures as they are now beginning to reopen their businesses to prevent becoming victims. It predicted that ransomware and extortion especially would continue to challenge organizations despite heightened awareness across all industries.
Accenture also recommended that SMBs and other organizations evaluate their products and supply chains for vulnerabilities or take the necessary steps to patch those vulnerabilities when available. Accenture warned organizations to watch for an uptick in web shell activity, pointing to further attacks.
It’s clear that cyberattacks aren’t going anywhere any time soon. In fact, they are significantly on the rise. SMBs and organizations everywhere should make sure they fully understand the risks they might face and take the necessary steps to mitigate those risks for the sake of their company and its valued customers.