Skip to main content

Our latest BrightCloud®️ Threat Report is finally here! This year, our findings show us that cybercriminals are improving their efforts to evade detection. 2021 was the year where everything security-related that could go wrong did go wrong. We witnessed unprecedented attacks on the supply chain around the world. Despite American and Russian coordinated efforts to take down Emotet, REvil, and Conti, cybercriminals found avenues to resurrect themselves and carry out their lethal efforts.

The normalization of remote and hybrid work continued to shift the way bad actors pursue lucrative avenues for exploitation. We also witnessed cybercriminals strategically releasing their executed attacks during specific times of the year.

Our report is full of great insights. Some key findings include:

  • The Middle East, Asia, and Africa were the regions with the highest percentage of infections.
  • 53% of consumer PCs were infected more than once, and 19% infected more than 5 times.
  • Apple was most often impersonated company in phishing attacks.
  • Of all the places where malware could hide on business PCs, it uses %temp% more than half the time.

“With the introduction of Windows 11, bad actors won’t think twice about engaging in new and dangerous exploits that leverage new features not previously available.”

- Grayson Milbourne | Security Intelligence Director

  • During 2021, 82% of ransomware attacks targeted organizations with less than 1,000 employees. The smallest organizations, with 100 employees or less, comprised 44% of ransomware victims.
  • The year-end average for ransomware payments in 2021 more than doubled the 2020 average, hitting $322,168.

By combining layers, like inspecting all incoming emails, keeping PCs fully patched, using antivirus software and endpoint protection tools on all PCs and educating users on how to avoid phishing attacks and other forms of social engineering, you can make it less likely that attacks will succeed.

  • In 2021, we discovered over 4 million new high-risk URLs in 2021, almost 66% of them involved in phishing.
  • Bad actors like to time their phishing attacks. In the month of May alone, we witnessed a 770% increase in phishing activity.

To thwart these types of phishing attacks, users need to be trained to recognize shortened URLs and to find out where they redirect before clicking on them.

Last year was marked by innovation across the threat landscape. In this year’s full report, we delve into the developments affecting businesses large and small.

Download the report and discover for yourself our complete analysis and predictions powered by our BrightCloud®️ Threat Intelligence.

Be sure to sign up for our Webinar to learn more and win prizes

 

I was surprised by this statement "The number of malware files reaching Webroot-protected Windows endpoints dropped 58% from 2020 to 2021. That’s an incredible shift."

I agree, that's an incredible shift, but just goes to show that the endpoint is not the goal it is merely a vector to reach a target and that threats are changing. 


The UK only had 2.1% of dodgy URL’s with and out front leader being the US on 64.8%


It was Interesting to read that the smaller companies are starting to be hit more.


I bet those that were infected 5 times were absolutely sure that they didn’t need to worry about security too!


Good read, well written. Taking some pointers to go back to my boss for our next security review meeting.


It was Interesting to read that the smaller companies are starting to be hit more.

The bigger ones have gotten wise to a lot of it and invested in their security / training. A lot of smaller companies (in my experience at least) seem to prefer to bury their heads in the sand and think it will never happen to them


Educate your users. Not to be overlooked!

Well said and yet still so many companies are quick to blame their IT team


Can't get over pcs being infected more than 5 times! Do people not learn?!

"53% of consumer PCs were infected more than once, and 19% infected more than 5 times"

 


I think it is just amazing how some machines were infected more than 5 times. 5!!

 

People should get more in the way of cyber training. We’re taught as kids never to talk to strangers, but download all sorts of junk on our PCs containing sensitive data when we grow up...


 53% of consumer PCs were infected more than once, and 19% infected more than 5 times

The 19% of people falling for it 5 or more time are the people who need to be signed up to Webroot training ASAP😶 It beggars belief how they don’t realise after 2, 3, 4 times….

 

Apple was most often impersonated company in phishing attacks.

This does not surprise me at all, people (nee. Apple users) seem to have a built-in trust, probably because of Apple positioning themselves as the good guy vs Facebook in the privacy war. So attacks using Apple are surely more likely to be successful as the users see the company name and don’t think twice before clicking (unfortunately) 


  • The Middle East, Asia, and Africa were the regions with the highest percentage of infections.

not too surprised by this statement


  • The Middle East, Asia, and Africa were the regions with the highest percentage of infections.

not too surprised by this statement

Nor me!


Not saying I’m cynical or anything, but nothing in this report really surprised me. Except Japan. Be nice to know what they are doing differently.


Great rreport. Eye opener. Have passed along to our Account managers


Interesting take concerning the Apple impersonations. Is an impersonation of Apple easier then Android, because Apple is more desirable? Or because Apple is more identifiable vs the multiple companies that utilise Android across flagship phones?

Strange trying to put myself in that though process!


Great to see the ANZ region see a drop of 51% in infection rates between 2020 and 2021!


Interesting take concerning the Apple impersonations. Is an impersonation of Apple easier then Android, because Apple is more desirable? Or because Apple is more identifiable vs the multiple companies that utilise Android across flagship phones?

Strange trying to put myself in that though process!

I believe Apple ranks very high (depending on what survey you look at) on the list of bets known company names. Also, Apple products are desirable by lots of people and expensive, so I’m sure thinking you won an iPhone or iPad is a thrill and pulls people in.  


Small organization are the primary targets,  and this is a rilevant data that has to be deeply considered. 


“53% of consumer PCs were infected more than once, and 19% infected more than 5 times”

For this reason expecially during the last year we are receiving from companies to organise cyber security courses

 


  • The Middle East, Asia, and Africa were the regions with the highest percentage of infections.
  • 53% of consumer PCs were infected more than once, and 19% infected more than 5 times.
  • Apple was most often impersonated company in phishing attacks.
  • Of all the places where malware could hide on business PCs, it uses %temp% more than half the time.

These statistics are extremely interesting to me. It’s important to report this kind of information to our customers so ensure that they’re aware how easy it is to get infected. I bet most of the users don’t even realise they have infections. I will bring up the issue with the %temp% folder because most of our customers don’t realise it exists! 


Very interesting! thanks for info!


Great info, thanks for all you guys do. 


Congratulations to @Heltus 

it’s very tedious to add you all to these wheels :)

You win the Lego X-Wing!

Great answer kid, that was one in a million

Look out for a DM and hopefully you have a shipping address in US, UK, CA (and you don’t mind a couple more goodies)


Congratulations to all the winners!

 


Well done all!


Reply