Especially the “double extortion” and the supply chain
Also in 2021 i two major phenomena observed at the level of IT security were that of the “Double Extortion“and that of attacks on supply chain. records it Yoroigroup company Tinexta in the 2022 annual report on the state of cyber threats faced by our country. The telemetry offered by the platform Yoroi allowed to extract a series of statistics about type attacks “zero-day Malware“, or Malware not known to the signatures of antivirus systemsbeing 76% ofand 0-day Malware threats. In this context, we read about the report, the phishing and it spear phishing are the most adopted carriers in 2021 to start the chain of attack.
As highlighted in 2020, the majority of Malware detected by Yoroi in Italy they belong to the typology of Trojan bancari. The main input vector is represented by Ursnif with a presence of the 33.5% on the total and the presence of Emotet for the 18.9% samples. However, during 2021, the phishingwith the 41.88% of the attacks blocked, was the number one threat to deal with. The second group for blocked request volumes is i malware with a prevalence equal to 38.08%.
The third macro-family of blocked threats are i malicious websites with 19.95%. Regarding Botnets and opportunistic attacks -write the researchers of the guidatada society Marco Ramilli“based on our observations there is a typical distribution of the origin of the incursions in which the United States as territories of origin once again occupy the first place this year with 38% of the share, increasing compared to the year 2020 (34% ).
Additionally, attempts from China (CN) have remained constant from last year at 24%. The third place is held by the Russian infrastructurewhich from our telemetry contain 8% of malicious communications. “Even in 2021, malicious actors continue to prefer email and messaging as a vector for spreading malware: for the fifth year in a row, malicious emails represent a significant part of cyber-attacks.