G DATA cyber defense experts identify a total of more than 2021 million different malware samples for 23. The threat report shows that cyber attacks have increased by 25 percent.
For the first time, the current G DATA threat report shows a strong increase in repelled attempts at attacks on companies and private users. From the third to the fourth quarter of 2021, the number of attack attempts increased by 25 percent. The return of Emotet and major security flaws in public-facing services are just the tip of the iceberg.
From Q3/2021 to Q4/2021 – plus 25 percent
At the end of 2021, the number of defended against cyber attacks rose sharply again. The cyber defense experts from G DATA recorded growth of more than 2021 percent for the fourth quarter of 25 compared to the third quarter. Cyber criminals increasingly focused on private users. The number of attacks blocked increased by 29 percent, while the increase for business customers is only 15 percent. An explanation for this: Traditionally, the attackers use campaign days, such as Black Friday and the pre-Christmas period, to invite consumers to visit websites with malware with targeted fake offers.
"The increase at the end of the year comes as no surprise," says Tim Berghoff, Security Evangelist at G DATA CyberDefense. “The return of Emotet in particular is a clear warning sign that cybercriminals will step up their attack efforts again in the future. In addition, there are also critical security gaps such as Hafnium or Log4Shell, which seem like an invitation for attackers. Companies are required to check their systems and make them crisis-proof.”
Emotet: Those declared dead live longer
Emotet is slowly making a comeback (Image: GData).
After a coordinated takedown in January 2021, Emotet returned again in November 2021. An analysis by G DATA identified new variants of the malware for the first time. In recent years, Emotet has gained a reputation as one of the most dangerous malware families, particularly because it is used as a beachhead for cyberattacks on businesses of all sizes. In the past, an initial infection with the malicious program was often followed by blackmailing the compromised company with an encryption Trojan. A look at the top 10 malware shows how great the danger is. Although Emotet was actually only active for three months of the year (January, November and December), the malware already occupies the top spot in the ranking.
Multiple threats every second
However, the following figure shows how great the danger of cyber attacks still is: The security experts identified more than 23,7 million different malware samples in 2021. Compared to 2020, this is an increase of over 47 percent, which shows: Cyber criminals believe that pace still high. They publish almost 65.000 new variants of their malware – that's 45 new attack vectors every minute. In the hope that antivirus solutions will not recognize the "disguised" attackers, allowing them to infiltrate the PC or laptop.
Various Reasons for Decrease in Attack Attempts
Strong increase in threats (Image: GData).
After the first corona year with massive growth rates, the number of attack attempts repelled has fallen significantly year-on-year. Overall, the cyber defense experts at G DATA recorded 2021 percent fewer repelled cyber attacks in 65,3 than in 2020. Attempted attacks by private users were reduced by 69 percent and by corporate customers by 39,1 percent. The reasons for this significant decline are complex: The attackers have refined their methods and attacked companies via unsecured remote access or vulnerabilities in publicly available services such as Log4Shell. But the return of many employees from home office to the office and the interim end of Emotet have also led to a decline.
Malware Top 10: Old acquaintances and new dangers
The top 10 malware have changed significantly compared to 2020. On the one hand, there are many new malware families: a total of six of the ten most common types of malware are new. On the other hand, many different types of malware are represented in this ranking. Recently, Remote Access Trojans have always accounted for a large part of the most common types of attacks. An explanation for the ranking: Attackers combine different types of malware to increase profits. For example, they use Emotet as a malware distributor for the initial infection, derive data from the company with an information stealer such as Dridex and finally encrypt the systems with ransomware such as Shade.
Overview of the top 10 malware (% share in brackets)
- Dridex, 26,3%, information stealers
- Emotet, 14,1%, malware distributors
- Tofsee, 11,0%, Bot
- Bodelph, 6,3%, back door
- Trickbot, 6,0%, Malware Distributor
- Bladabindi, 5,1%, Remote Access Trojans
- Shade, 5,1%, ransomware
- BlackShades, 5,0%, Remote Access Trojan
- Agent Tesla, 4,6%, information stealer
- Pistolar, 4,3%, droppers
"The return of Emotet and vulnerabilities in systems that are accessible from the Internet are just two of countless challenges that companies have to solve this year," says Tim Berghoff. “Responsible people must face reality and make provisions for an IT emergency – just as they must have emergency plans for a fire. The probability of falling victim to a cyber attack is definitely higher than an office fire. And those who prepare for it are able to act even in the worst case and are ready for action again more quickly.”
More at GData.de
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.