The first half of 2021 saw no slowdown in malicious online activity as Accenture detected a 125% increase in cyber-intrusion incident volume versus the same period last year.
The global consultancy’s mid-year security update blamed the uptick on increased web shell activity, digital extortion including ransomware, and supply chain intrusions.
Consumer goods & services (21%), industrial (16%), banking (10%), travel & hospitality (9%) and insurance (8%) sectors accounted for the majority of malicious activity, although insurance was most heavily targeted by ransomware attacks — accounting for nearly a quarter (23%) over the period.
Accenture claimed that travel & hospitality and retail will come under increasing scrutiny from threat actors going forward as these industries begin to recover post-pandemic.
Unsurprisingly, the US was the most targeted country, accounting for 36% of incident volume, followed by the UK (24%) and Australia (11%).
Mark Raeburn, cyber defense lead for Accenture in the UK & Ireland, argued that cyber-threats threaten to derail organizations at a crucial moment, as economies begin to reopen.
“We’ve found that consumer goods companies in particular are experiencing higher levels of cyber-attacks compared to this time last year as increasing consumer activity creates more opportunities for cyber-criminals,” he added.
“After a challenging year, these organizations cannot afford to have a cyber-attack take them back offline again. Every organization must now prioritize re-evaluating their cybersecurity strategy, ensuring they not only secure their own systems but also fully protect their supply chains and partners.”
Ransomware remained the most prolific threat in the first half of 2021, accounting for 38% of attacks, followed by backdoors (33%). REvil/Sodinokibi was the most common variant (25%), followed by Hades (18%) and DoppelPaymer (16%).
The majority (54%) of organizations hit by ransomware in the first six months of 2021 had annual revenues of $1-9.9 billion, followed by those posting over $10 billion in revenue (20%). However, this could be more reflective of the Accenture customer base than reality.
It’s been claimed elsewhere that most attacks hit companies with under 1000 employees.