53% of companies are left exposed to supply chain cyber attacks


Share this content


Acronis has released its annual Cyber Readiness Report, providing a comprehensive overview of the modern cybersecurity landscape and the key pain points faced by businesses and remote employees worldwide amid the global pandemic. Acronis’ research from last year revealed more than 80% of global companies admitted they were not prepared to transition to remote work – exposing key vulnerabilities businesses must quickly plan and implement solutions for.

Based on findings from this year’s independent survey of 3,600 IT managers and remote employees at small and medium-sized companies in 18 countries across the globe, the report states that 53% of global companies have a false sense of security when it comes to supply chain attacks. Despite the globally recognised attacks on trusted software vendors, like Kaseya or SolarWinds, over half of IT leaders believe that using “known, trusted software” is sufficient protection – making them an easy target.

Attacks growing in volume and sophistication

Three out of ten companies report facing a cyberattack at least once a day – similar to last year; but this year, only 20% of companies reported not getting attacked – a drop from 32% in 2020, meaning that the attacks are increasing in volume.The most common attack types reached record-high levels this year including phishing attacks – that continue to grow in frequency and are now the top attack type at 58%. Malware attacks are also increasing in 2021: making up to 36.5% of all attacks this year – an increase from 22.2% in 2020.

However, this year was the year of phishing as the demand for URL filtering solutions has grown ten times since 2020 – with 20% of global companies now recognising the danger phishing presents to their business.

Despite growing awareness of multi-factor authentication (MFA), nearly half of IT managers (47%) are not using MFA solutions – leaving their businesses exposed to phishing attacks. According to these findings, they either see no value in it or consider it too complex to be implemented.

In response, organisations worldwide have begun to prepare for the growing threats – but for every step companies are taking, cybercriminals have already taken three. The demand for antivirus solutions has grown by 30% – from 43% last year to 73.3% in 2021. However, companies are just discovering that standalone antivirus solutions no longer work against modern threats: we saw the demand for an integrated backup/disaster recovery with antivirus solutions more than double – from 19% in 2020 to 47.9% this year.

Demand for vulnerability assessments and patch management grew significantly from 26% in 2020 to 45% this year. This can be attributed, in part, to the increased volume of vulnerabilities exposed this year in critical and in-core software deployments such as Microsoft Exchange server, Chrome browsers or Apache web servers.

Not surprisingly, the demand for better and more secure remote monitoring and management tools grew over three times – 35.7% this year, up from 10% in 2020. With remote work now being recognised as a long-term default format of work, it’s more important than ever for IT managers to be able to monitor and manage a wide range of remote devices.

In last year’s Acronis Cyber Readiness Report, we saw an increase in adoption of new services – especially SaaS and Cloud Computing services – and this year companies continue to adopt new solutions. However, this has increased the overall complexity of IT environments, which most likely will cause additional breaches and unplanned downtime in the future.

“The cybercrime industry proved to be a well-oiled machine this year – relying on proven attack techniques, like phishing, malware, DDoS and others. Threat actors are increasingly expanding their targets, while organisations are held back by the growing complexity of IT infrastructure,” says Candid Wuest, Acronis VP of Cyber Protection Research. “Only a small number of companies have taken the time to modernise their IT stack with integrated data protection and cybersecurity. The threat landscape will continue to grow and automation is the only path to greater security, lower costs and improved efficiency and reduced risks”.

Remote employees make the most attractive targets

These Acronis findings and external research clearly illustrate why organisations need a cyber protection solution that reduces complexity and improves security to support remote work environments and that this solution must be cost-effective in order to address the increased scale of the remote force.

  • One in four remote employees reported struggling with the lack of IT support as one of the key challenges they faced this year. The top-three tech challenges identified by remote employees globally: Wi-Fi connectivity, using a VPN and other security measures, lack of IT support.
  • One in four remote employees are not using multi-factor authentication – making them easy phishing targets, with phishing being the most common attack type in 2021.
  • On average, one in five remote employees gets heavily targeted by phishing attacks, receiving well over 20 phishing emails per month – with 71% of respondents confirming being targeted by it each month. Learning to identify such attacks through cybersecurity awareness training is crucial in keeping organisations protected and personal assets as well.
  • We have seen attackers aggressively expanding their target pool – it is no longer just Microsoft Windows OS based workloads – where users reported a spike in attacks against Linux, MacOS, Android and iOS devices as well. Attackers are also going after virtualised environments more often.

Unfortunately, cybercriminals don’t need to be tech-savvy to create chaos anymore – take malware for example. Cybercriminal gangs have further expanded their malware-as-a-service model that provides step-by-step guides on how to make a profit out of compromising targets.

Yet, despite the growing dangers for employees, remote work is here to stay; people will continue to work and hire remotely and that’s the reality most IT teams still need to get ready for in finding a solution to hardware shortages, increased complexity and an increased need for IT support and modern cybersecurity solutions. This is an existential crisis companies must prepare for now – the potential costs for not doing so are just too great.

Platform with deeper industry insights

Remote work is here to stay and so are increasingly sophisticated cyberattacks. So, it’s up to both the organisation and the individual to follow the best cyber protection practices available.

If you are keen to learn more about cybersecurity pain points and available solutions for businesses, don’t miss the chance to register for the Acronis #CyberFit Summit World Tour 2021, which kicked off in Miami, Florida on October 25 with a hybrid format, including in-person and virtual. Register now in order to:

  • Attend result-focused virtual sessions for free and learn from world-class experts to explain strategies and deployment options for cyber protection.
  • Enhance your MSP business’ cyber protection capabilities with advice from top IT channel, cybersecurity and industry experts
  • Hear exclusive case studies of successful, profitable and scaling MSPs and MSSPs
  • Learn how to grow your business with cybersecurity-forward services
  • Join hands-on, interactive workshops; insightful panels and breakouts; and inspirational keynotes – while enjoying numerous IT channel networking opportunities

Both the global and regional reports are available for download via Acronis blog.

For more information on any findings or trends featured in the report, you can get in contact via email at: [email protected].

Receive the latest breaking news straight to your inbox