Acronis Cyberthreats H2 2024 Report: Ransomware and AI are a dangerous mix

by

The figures are in, and 2024 saw a rise in both the number and severity of attacks. In 2025, the trend is likely to continue.

The&nbsp, Acronis Cyberthreats H2 2024 Report&nbsp, reveals why managingcybersecurity is probably more difficult than it has ever been and hasn’t geteasier anytime soon. The report provides detailed analysis of the cybersecurity landscape, highlighting essential trends and emerging trends, and providing forecasts for 2025.

The second half of 2024 in particular saw an increase ofalmost 200 % in email attacks as the dominant threat, ransomware, continued to menacemanaged service providers ( MSPs ) and IT departments. Hackers are using more sophisticated artificial intelligence ( AI ) to create more successful and scheinivable phishing schemes. Phishing is far and away the mostcommon attack vector, at the root of 74 % of attacks.

Other data also reveals the risks that are present in the cybersecurity environment.

Keyfindings from the Acronis Cyberthreats H2 2024 Report

A couple statistics reveal the state of security as 2025 progresses:

  • In contrast to the second half of 2023, the number of email-based attacks detected in the second half of that year increased by 197 %, while the number of attacks per organization increased by 21 %.
  • There was a 5 % increase inransomware attacks in 2024, with some specifically targeting Professionals and industriessuch as transportation, health care and production.
  • Acronis blocked more than 48 millionURLs at the terminal in Q4 2024, a 7 % increase compared to Q3 2024.
  • There were 1, 712 ransomwarecases formally mentioned in Q4 2024. RansomHub, Akira, Play and KillSec wereamong the major donors, with 580 patients in total. The Cl0p ransomwaregroup was very active in December, with 68 patients.
  • 31.4 % of all emails received in H2 2024 werespam, and 1.4 % contained malware or phishing links.
  • The most qualified target countries for malicious attacks in December 2024 were Singapore, Italy, and the United Arab Emirates.
  • At the end of December 2024, the United Arab Emirates had the highest percentage of malicious URLs blocked ( 16.2 % ), followed by Brazil with 13.2 % and Singapore with 12 %.

Acronisexperts included a some important observations in the document, too:

  • The most prevalent threat was once again hacking, which was by far the most prevalent form of attack. Although they accounted for just 22 % of threats, social engineering attacksincreased 7 % year over year from H2 2023 to H2 2024.
  • In order to exploit vulnerabilities and demand higher bounties, intruders in 2024 used personalized tactics and AI-driven strategies. This trend reflects a shift towards more sophisticated, large-scale attacks aimed at maximizing disruption and economic gain.
  • The rise in sophistication and the number of strikes demonstrates how crucial it is for Professionals to provide advanced security measures and incident response strategies in protecting organizations.

What happened to security in 2024?

A few general changes that were found last year are highlighted in the document.

AI-driven challenges

The use of AI by scammers is a growing issue. Hackers are using illegal models like WormGPT and FraudGPT to distribute and create malware, making it easier for attackers to launch advanced campaigns using tools like ChatGPT and WormGPT. Generational AI is still being used by hackers to make phishing attempts appear more serious and reliable.

Important industries under assault

The financial companies, heath care and services sectorswere numerous goals. For example, the ransomware attack on Patelco CreditUnion affected 726, 000 buyers, and the breach at Evolve Bank &amp, Trustimpacted 7.6 million Americans.

Health maintenance in the sights

The healthcare sector was the one that had the highest average annual cost of abreach, highlighting the significant financial and reputational risks associated with cyberattacks, at$ 9.77 million.

What’s tocome in security in 2025?

A few negative styles will probably continue to advance with the year 2025, while some fresh problems and technologies will enter the security field.

Ransomware hegemony

With more and more sophisticated AI being used by cybercriminals to manage and scale their attacks, and newransomware variants aiming to target cloud backups, making recovery virtually impossible without strong defenses, ransomware will likely continue to rule.

Double bribery techniques

Attackers are likely to use twice extortion strategies, demanding ransoms to decipher files as well as to stop the release of sensitive data.

ZTA and IAM

MSPs and IT departments will increasingly use Identity and Access Management ( IAM ) and Zero TrustArchitecture (ZTA ) systems to prevent unauthorized data access and manage secure access to sensitive information andsystems.

Internet safety

Long-dormant concerns about IoTsecurity will take a prominent place in the cybersecurity landscape as a result of the exponential growth of internet of things ( IoT ) devices.

Quantum computing

Quantum computingwill present new problems, necessitating the investigation of quantum-resistantcryptography. Quantum computers can perform calculations rapidly fasterthan classic computers, threatening the protection of widely-used techniques. In2025, companies will need to examine quantum-resistant crypto to protectsensitive details.

What MSPscan IT professionals can do to safeguard themselves

A few fundamental best methods, as always, you help MSPs safeguard clients and IT professionals from their operations. For 2025, fivecritical best methods include:

    Apply multilayered safety: Combine behavioral analysis, model monitoring and AI-driven monitoring to detect and prevent AI-generated threats.

  1. Keep updated: Frequently release software and security protocols to address Artificial vulnerabilities.
  2. Employee education: Implement security awareness training to teach partners and employees how to identify AI-powered phishing attempt, deepfakes, and different social engineering schemes.
  3. Use AI-enabled security solutions to identify and combat threats more quickly and effectively.
  4. To reduce the risks associated with Artificial use, employ clear policies, screen AI activity, and comply with data privacy laws.

For MSPs, the ability to control security, back andrecovery, patch management and other important elements of client protection ina one system can deliver efficiency, cost savings, improved client serviceand increased profitability. Operators are given the ability by AcronisCyber Protect Cloud. &nbsp,

As 2025 unfolds and challenges support, Acronis may continueto assess and report on the security landscape. Download the full 2024report to fully understand the security changes of the past year and get a sense of what’s ahead.

DNS checker

Leave a Comment