Appgate’s annual Fraud Beat report compiles the latest data from the cybersecurity industry
Against the backdrop of growing cyberthreats, secure access company Appgate has just released this year’s edition of its Fraud Beat report, which brings together the latest cybersecurity data from the industry. One of the main concerns of companies and governments globally, ransomware continues to attract attention. According to the survey, ransomware costs are estimated to reach $265 billion by 2031 – in 2021 alone, more than 700 million such attacks were recorded. The document also reveals that in Latin America the average cost of a data breach was estimated at $2.56 mi last year, a 52% increase compared to 2020.
“Ransomware is by far the most proliferating threat, and what’s more, it’s very difficult to recover from it. As scammers gamble on these attacks, organizations are forced to pay more and more for access to their most sensitive data. Even if they pay, there is no guarantee that any of those files can be recovered,” says Marcos Tabajara, Appgate’s country manager in Brazil.
To contain this threat, Tabajara points out that one must keep in mind that ransomware is a multi-step process that starts with phishing and credential theft. “Reducing external phishing threats and ensuring secure access makes an immediate impact. It is also essential to ensure that privilege forwarding is minimized, preventing lateral movement of agents and their malware. To do this, adopting a Zero Trust perspective is critical to stopping ransomware,” he points out.
Fraud Beat also highlights phishing as the top type of breach since the start of the covid-19 health crisis. The report reveals that occurrences of the genre account for more than 80 percent of reported security incidents, with 74 percent of U.S. organizations having recorded a successful phishing attack.
Another widely used method for carrying out cybercrimes, credential theft has also been escalating and is continuing as a trend. “The motivation for using stolen credentials is 100% financial gain. Hackers prefer to search for them as they easily open the door to complete access to any organization’s network. The network is full of stolen credentials, which give easy access to any organization’s infrastructure,” details Appgate’s country manager.
Mobile attacks, concentrated on cell phones and apps, remain on the list of concerns, as users spend much of their time online, paving the way for criminal techniques that infect the devices and steal important and sensitive data. “Similar to the recommendations given to prevent phishing, educating employees and customers is of paramount importance so that everyone knows how to identify malicious agents and thereby ensure the safe use of a device,” says Tabajara.
“The most effective way to protect is to implement a security strategy focused on assessing risks on devices. A well-rounded mobile fraud protection solution should be able to assess whether a device is at risk (e.g. of being breached), and help organizations decide which devices should be denied based on risk tolerance,” he concludes.
*** Translated by the DEFCONPress Team ***