Search
Close this search box.

Blog

Increased Ransomware, Phishing and Malware Attacks. Are You Prepared?

Samir Desai explains how enterprise IT organizations will face even more serious cyber-attacks in 2022 and beyond.
April 26, 2022

Increased Ransomware, Phishing and Malware Attacks. Are You Prepared?

Cybercriminals are attacking corporate networks at least 50% more [1] frequently than they did in 2020. By the end of 2021, there were over 900 attacks per organization every week – an all-time high that you can bet will continue [2] throughout 2022.

Digital transformation goals were already driving cloud adoption well before the pandemic. Since then, enterprises like yours have the added responsibility of providing network access to their workforce from anywhere. That means employees are using the public internet and personal devices to access business cloud applications more than ever before.

At the same time, digital investments have become mission-critical for the modern enterprise. Not only are they necessary to support your distributed workforce, they’re also a must-have competitive advantage.

But these initiatives have introduced new challenges that IT and security departments must overcome. Your cybersecurity perimeter has expanded exponentially and put a target on your company’s back.

What does this mean for your enterprise? Time is running out for you to keep corporate data and critical business assets under lock and key – or, by extension, to keep an eye on the keys scattered across your network.

Simply put, it’s time to prepare for the reality of modern cybersecurity. Let’s take a look at the threat landscape and dangers that threaten enterprises in 2022.


The Dangerous World We Live In

If there’s anything that IT leaders can agree on, it’s that cyber threats are a growing concern. From the time you started to read this blog, at least six new attacks [3] have occurred. In fact, for only the second time in its 10-year history, the Allianz Risk Barometer [4] – a global survey of corporate risk – has ranked cyber incidents as the most important risk to businesses in 2022.

Why? Because regardless of industry – whether it be manufacturing, healthcare, retail, or finance – corporate data is a commodity of immense value. Data has become a lucrative target for hackers to hang over your company’s head and squeeze as much money as they can in return.

According to IBM, the average cost of a data breach in 2021 was $4.24 million [5] – the highest sum in recorded history. For data breaches where remote work played a factor, the cost was $1 million more. Any way you look at it, this is an expense that no company can afford to pay, and certainly not on a recurring basis.

Data has become a lucrative target for hackers to hang over a company’s head and squeeze as much money as they can get in return.


Threats on a Breakneck Rise

When you consider the accelerating prevalence and complexity of attacks, it’s no wonder that the cost of a single incident is growing to match. For enterprises, there’s an entire rogue’s gallery of threats that are a possible nightmare for IT security teams:

  • Malware: According to McKinsey, the number of unique malware strains has increased exponentially since 2002, to over 130 million [6]. Newer, more complex types of malware are “fileless,” meaning they deploy malicious code embedded in native scripting language or written directly into memory, allowing them to move laterally in the environment.
  • Ransomware: Globally, there were over 623 million ransomware attacks [7] in 2021, triple the amount recorded just two years prior. Ransomware victims paid more than $600 million to cybercriminals in 2021.
  • Phishing attacks: Social engineering attacks prey upon human error and target unsuspecting users across your network. Per Cisco, 90% of data breaches [8] are the result of phishing attacks.
  • Distributed Denial of Service (DDoS): Ransom-motivated DDoS attacks increased 29% year-on-year [9] and 175% between Q3 and Q4 2021. With an explosion of connected devices and IoT technologies on your corporate network, these endpoints are a dangerous threat vector. Such devices typically lack adequate security controls – a vulnerability frequently targeted by malicious hackers.

Indeed, cyberattacks are increasing in quantity, but they’re also becoming much more daring overall. For example, take the case of SolarWinds. In 2020, an attack believed to be sponsored by Russian intelligence slipped malicious code – called an SQL injection – into SolarWinds’ Orion software and used it to launch a massive attack on at least 18,000 customers, including the U.S. government and many Fortune 500 companies. The hackers were able to infiltrate and access the networks of countless Orion users.

But SolarWinds is far from the only victim of a high-profile cyberattack in recent years. From Colonial Pipeline to Kaseya to JBS, enterprises large and small have fallen prey to breaches in security, often to devastating results.

According to a SpyCloud report, 543 million breached assets [10], including 25.9 million credentials tied to Fortune 1000 employees, were available to cyber criminals online in 2020.


The Cloud-sized Security Gap

Companies have long invested in digital technologies to optimize their businesses, and that’s a trend that shows no signs of slowing down – for good reason.

Digital transformation fueled time-to-market acceleration and allowed organizations to compete in an increasingly crowded marketplace of firms. At the same time, strengthening your tech stack doesn’t necessarily mean an equal investment in security – leaving critical vulnerabilities exposed in the process.

Of those investments, cloud migration has certainly led the charge. The race to the cloud began as a stroll, but the pace accelerated to a full-on sprint with the necessity of hybrid work during the pandemic. In fact, Gartner predicts global cloud spending [11] to surpass $480 billion in 2022 – a 21.7% increase.

Worse yet, remote users are expanding the attack surface and increasing risk.

With 83% of workers [12] in favor of hybrid work, global connectivity is now mission-critical. But as organizations shift to the cloud, complexity increases with every vendor added. Worse yet, remote users are expanding the attack surface and increasing risk. Simply put, security teams are struggling to maintain pace with the rate of change.


More Threats Around the Corner

All told, the state of cybersecurity appears to be bleak – especially when you look ahead to the future. According to IBM, there are plenty more threats in store [13] for enterprises in 2022:

  • Cloud-bound malware will proliferate considerably.
  • Ransomware gangs will increase DDoS attacks.
  • State-sponsored financial attacks will rise.
  • Cybercriminals will deploy more sophisticated tactics.
  • There will be an outcry for zero-trust user and application security.

Indeed, enterprises are facing a grim reality. Without a comprehensive suite of next-generation networking and security technologies, businesses are leaving their most critical assets exposed. That’s why cutting-edge frameworks, like Secure Access Service Edge (SASE), are key to the future of enterprise cybersecurity.

Citations

[1] https://blog.checkpoint.com/2022/01/10/check-point-research-cyber-attacks-increased-50-year-over-year/

[2] https://www.industryweek.com/technology-and-iiot/cybersecurity/article/21184175/prepare-for-more-cyberattacks-in-2022

[3] https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-by-2021/

[4] https://www.agcs.allianz.com/news-and-insights/reports/allianz-risk-barometer.html#top10

[5] https://www.ibm.com/security/data-breach

[6] https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/cybersecurity-trends-looking-over-the-horizon

[7] https://www.sonicwall.com/2022-cyber-threat-report/

[8] https://umbrella.cisco.com/info/2021-cyber-security-threat-trends-phishing-crypto-top-the-list

[9] https://portswigger.net/daily-swig/report-ddos-attacks-increasing-year-on-year-as-cybercriminals-demand-extortionate-payouts#:~:text=Distributed%20denial%2Dof%2Dservice%20(,study%20on%20cyber%2Dattack%20trends

[10] https://spycloud.com/2021-report-breach-exposure-of-the-fortune-1000/

[11] https://www.gartner.com/en/newsroom/press-releases/2021-08-02-gartner-says-four-trends-are-shaping-the-future-of-public-cloud

[12] https://www.accenture.com/us-en/insights/consulting/future-work

[13] https://securityintelligence.com/articles/cybersecurity-trends-ibm-predictions-2022/

About GTT

GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of managed services, including managed SD-WAN from leading technology vendors.

 

Related RESOURCES

Uncategorized

Top Cybersecurity Trends of 2025: What You Need to Know

In 2024, cybersecurity is a critical concern for businesses of all sizes. As global data breaches increase by 72% in 2023 alone, the consequences of ...
Uncategorized

What is Network and Security as a Service (NSaaS) and How Does it Benefit Your Enterprise?

As the cybersecurity landscape evolves rapidly, businesses face a dual challenge: managing increasingly complex networks while safeguarding against emerging threats. Networking and Security as a ...
Uncategorized

Why Managed Services Make Sense for a SASE Framework

The co-managed option helps companies solve their challenges, while upskilling internal teams and improving performance. GTT’s latest research-based white paper, Trends and Solutions for a ...
Blog

The Big Takeaway: 97% Say Cybersecurity & Network Integration is the Logical Next Step

When it comes to SD-WAN and SSE, as well as cybersecurity and networking teams, integration provides a range of benefits across the enterprise. GTT’s latest ...
Blog

5 Common Ways Cybercriminals Spread Malware (and How To Outsmart Them)

There are currently around 1.2 billion malicious programs and potentially unwanted applications in existence, with threat actors deploying an average of 200,454 unique malware scripts ...
How is ESG part of working at GTT?
Blog

How is ESG part of working at GTT?

At GTT, we are passionate about supporting people – and it is that passion that drives our commitment to enhancing and growing our environmental, social ...
The Power of Training, Mentoring and Learning at GTT
Blog

Unlocking My Full Potential: The Power of Training, Mentoring and Learning at GTT

In a world where the pursuit of personal and professional excellence is a constant endeavor, I’m proud to work at GTT. Its mentoring and learning ...
DDoS attacks
Blog

DDoS Attacks in the First Half of 2024

Recent DDoS attacks including the Port of Seattle and Microsoft are showing that Cybercriminals are becoming more bold and attacking organizations regardless of size or ...
Young female engineer concept. GUI (Graphical User Interface).
Blog

How to Choose The Right SD-WAN Managed Service Provider for Your Business

Many factors can influence an enterprise's decision regarding which MSP to work with for SD-WAN, SSE and a SASE framework. But most agree on which ...

OUR GARTNER RATING

Gartner Peer Insights logo
4.2


62 Reviews

88%
as of the last 12 months

Talk to an Expert

Interested in learning more about GTT products & services? Please complete this short form to schedule a call with one of our sales consultants.

Thank you for your information. One of our sales consultants will be in touch with you.

Scroll to Top