Report highlights threats of brand impersonation and ransomware leaks

Cybercrime remains one of the biggest threats worldwide, according to a new report from email cloud security and backup provider Hornetsecurity.

The Cyber Threat Report Edition 2021/2022 details the latest insights and data on the current threat situation with a focus on email communication. The report examines the development of spam and advanced threats, shows which industries are most under threat, and identifies the most frequently used cyberattack methods. It also reviews the most crucial cybercrime-related events of the past year.

40% of all incoming emails pose a potential threat

As the primary means of communication for business, email is one of the main gateways for cybercrime and remains a prime attack vector. Threat researchers at the Hornetsecurity Security Lab found that 40% of all inbound emails out of the total email traffic during the research period posed a potential threat. This includes spam, phishing emails, and advanced threats such as CEO fraud and any type of malware.

Phishing, malicious links, and ransomware are among the most popular attack tactics used by hackers. "Brand impersonation" is especially popular. For this, cybercriminals copy a company‘s corporate design and mimic the sender address in such a way that it can hardly be distinguished from the original, genuine email address. The main aim is to obtain the user's access data or to spread malware via hidden links. At 16.5%, Deutsche Post and DHL are among the top five most frequently imitated brands.

Ransom leaks: trend takes on greater dimensions

Still in its early days just about two years ago, ransom leaks are now widely known. These attacks are an extension of ransomware campaigns: In ransom leak attacks, sensitive data is first copied and then encrypted. If the targeted victim refuses to pay ransom for decryption, the cybercriminals threaten to publish the copied data on their so-called leak websites.

Around 140 files have been published on REvil’s ransomware leak website so far, with new ones being added almost daily. Despite this large volume, the hacker group is only in 5th place among the leak websites with the most published data from ransomware victims.

In addition to these and other insights about the current state of global cybercrime, the Cyber Threat Report Edition 2021/2022 also provides an outlook on further possible developments.

94% of CIOs say extending a DevSecOps culture to more teams is key to accelerating digital transformation and driving faster, more secure software releases.
22% of senior technology decision-makers in the UK identified cybersecurity solutions as the most important factor affecting business transformation.
New product enables organizations to increase observability, consistency and control of machine identities across complex Kubernetes environments.
Civo has published new research, finding that 53% of developers are concerned about the security of Kubernetes.
According to Canalys’ latest cybersecurity forecasts, global cybersecurity spending (including enterprise products and services) will increase by 13.2% in 2023 and remain a key growth sector for channel partners.
Integrated Ivanti/Lookout solution provides organizations with end-to-end visibility and control over their mobile devices and cloud services, reducing the risk of a security breach.
The new capability provides timely insights into risky user data access behaviour for enhanced cloud data security posture and risk management.
The latest OT/IoT security report from Nozomi Networks Labs finds wiper malware, IoT botnet activity, and the Russia/Ukraine war significantly influenced the 2022 threat landscape. Continuing the trend that was observed in the first half of 2022, Nozomi Networks Labs researchers saw hacktivists shift tactics from data theft and Distributed Denial of Service (DDoS) attacks to utilizing more destructive malware in an attempt to destabilize critical infrastructure to further their political stance in the Russia/Ukraine war.