Global Cyber Intrusion Activity More than Doubled in First Half of 2021, According to Accenture’s Cyber Incident Response Update
Companies in the U.S. targeted more than those in any other country
The volume of cyber intrusion activity globally jumped 125% in the first half of 2021 compared with the same period last year, according to the Cyber Investigations, Forensics & Response (CIFR) mid-year update from Accenture (NYSE: ACN). The information is derived from directly helping clients respond and recover from a variety of cyber incidents.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210804005200/en/
Accenture Cyber Investigations, Forensics & Response mid-year update (Graphic: Business Wire)
The triple-digit increase (125%) was driven primarily by web shell activity ― i.e., the use of small pieces of malicious code to gain remote access and control ― targeted ransomware and extortion operations, and supply chain intrusions.
Three countries accounted for more than 70% of the incident volume observed by the CIFR team. The U.S. was the most targeted country, accounting for 36% of incident volume, followed by the U.K. (24%) and Australia (11%).
From an industry perspective, consumer goods & services was targeted the most often, accounting for 21% of cyberattacks, followed by the industrial/manufacturing, banking, and travel & hospitality industries, at 16%, 10% and 9%, respectively.
“Many organizations today are only securing their core corporate systems and not fully protecting their supply chain, subsidiaries and affiliates. That’s why it’s critical for companies to have a holistic plan to cover their entire ecosystems,” said Robert Boyce, who leads Accenture’s Cyber Investigations, Forensics & Response business globally. “Industries that previously experienced lower levels of cyberattacks during the pandemic ― such as consumer good & services, industrials, travel & hospitality, and retail ― should reevaluate their cybersecurity posture as increased consumer activity in these industries present renewed opportunities for cybercriminals.”
The findings also detail malware categories by volume, top ransomware variants observed, and industries targeted most often by ransomware in the first half of 2021. Among the key findings:
- The largest malware category observed by volume was ransomware at 38%, followed by backdoors at 33%.
- The top ransomware variant observed was REvil / Sodinokibi, accounting for 25% of ransomware.
- The industry targeted most often by ransomware operators was insurance, accounting for 23% of ransomware attacks, followed by consumer goods & services (17%) and telecommunications (16%).
- Companies with annual revenues between US$1 billion and US$9.9 billion accounted for more than half (54%) of ransomware and extortion victims, followed by companies with annual revenues between US$10 billion and US$20 billion (20%).
About the CIFR Data
Accenture’s Cyber Investigations, Forensics & Response (CIFR) mid-year update is based on data collected from CIFR incident response engagements between January and June 2021. In addition, all intrusion data and analysis are based on Accenture’s distinct collection sources and could be subject to field-of-view limitations, such as Accenture’s client’s size, industry sectors, and geographies served.
To access the CIFR mid-year update, visit our blog here: Triple digit increase in cyberattacks: What next?
To see our previous update, click here.
Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Interactive, Technology and Operations services — all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 569,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at www.accenture.com.
Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.
Copyright © 2021 Accenture. All rights reserved. Accenture, and its logo are trademarks of Accenture.