With 2024 proving to be yet another year of increased levels of fraud and cyberattacks, cybersecurity and data protection firm, Acronis, reveals that the last six months of the year saw a staggering 197 per cent increase for email cyberattacks, when compared to H2 2023.
In its latest report, Cyberthreats Report, H2 2024: The rise of AI-driven threats, Acronis details how, from July to December, nearly half of users were targeted by email-based attacks at least once, and nearly a third (31.4 per cent) of all emails received in H2 2024 were spam, with 1.4 per cent containing malware or phishing links.
Email attacks on managed service providers (MSPs) also increased. Unsurprisingly, phishing was the preferred attack vector for attackers to breach MSP networks, with 33 per cent experiencing email phishing campaigns. This was closely followed by exploits targeting vulnerabilities in Remote Desktop Protocol (RDP) and other remote access tools. This demonstrates how cybercriminals are leveraging common MSP practices to gain unauthorised access and deploy malicious payloads.
“The cyberthreats report from the Acronis Threat Research Unit serves as our biannual pulse on the cybersecurity landscape, offering critical insights into the latest attack trends and vulnerabilities,” said Gerald Beuchelt, CISO at Acronis. “This release highlights the alarming rise of AI-generated attacks and the increasing sophistication of ransomware campaigns.
“By analysing trends from the first half of 2024 and providing actionable recommendations, the report empowers organisations, MSPs, and the cybersecurity industry to proactively strengthen their defences to stay ahead of today’s most pressing risks.”
The report also highlights that advanced persistent threat (APT)-linked ransomware groups are increasingly targeting MSPs, posing a significant and growing risk. These sophisticated actors employ espionage-style tactics, including stolen credentials, social engineering, and supply chain attacks, to infiltrate MSP networks and spread ransomware to client systems. This shift signals that MSPs are no longer opportunistic targets but have become strategic entry points for high-stakes cyberattacks.
Global trends
The UAE was among the most targeted countries by malware attacks in December 2024. The Emirates also experienced the highest percentage of blocked malicious URLs in December (16.2 per cent), followed by Brazil (13.2 per cent) and Singapore (12 per cent).
The report highlights another interesting trend: as remote monitoring and management (RMM) tools become more widely adopted for efficiency, they introduce significant risks to organisational security. Telemetry data from the report reveals that many organisations use multiple RMM tools simultaneously, creating blind spots that attackers can exploit. Without the proper controls, RMM tools can become entry points for ransomware attacks, which cybercriminals often use to cause even greater damage.
Alongside data and analysis from the second half of 2024, the report provides an overview of the top vulnerabilities exploited in 2024 and predictions for 2025, alongside actionable recommendations to help organisations and MSPs strengthen their defences against emerging threats.
