CrowdStrike Intelligence counted a total of 2,686 ransomware-related data leaks in 2021, marking an 82% increase compared to 2020. Credit: NicoElNino via Shutterstock.

A new survey by cybersecurity specialist CrowdStrike Intelligence shows a marked increase in cybersecurity attacks in 2021, with an increasing threat coming from two countries: Iran and China. In total, CrowdStrike Intelligence counted 2,686 ransomware-related data leaks in 2021, an increase of 82% compared to 2020.

According to the 2022 version of CrowdStrike Intelligence’s annual Global Threat Report released in February, since late 2020, multiple Iran-based entities have massively stepped up their use of so-called “lock-and-leak” attacks to target organizations in the US, Israel, and elsewhere. In this type of attack, hackers use ransomware to target networks and then publish embarrassing or politically sensitive materials on dedicated leak sites, social media, and chat platforms.

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

The report also called out China, identifying it as the leader because of its exploitation of 12 new attack vectors developed in 2021. Chinese-based entities focused on several vulnerabilities in Microsoft Exchange and exploited vulnerabilities in routers and virtual private networks (VPNs) to gain access to numerous organizations worldwide; enterprise software products hosted on Internet-facing servers were also identified as popular targets.

In a trend being seen in a growing number of security-related surveys, this year’s report shows that hackers are devoting more focus to exploiting vulnerabilities as enterprises store more data and move more workflows to the cloud. Common cloud attack vectors used by malicious actors include cloud vulnerability exploitation, credential theft, cloud service provider abuse, and the use of cloud services to host malware and hijack “command and control” operations.

In addition to China and Iran, the CrowdStrike report also cautions that Russian operatives are getting more sophisticated in exploiting cloud vulnerabilities. Cozy Bear and Fancy Bear, two hacker groups affiliated with Russian intelligence agencies and linked to previous cyberattacks against US government and enterprise organizations, are specifically singled out for updating their methods to exploit emerging cloud-related vulnerabilities.

Looking at emerging vulnerabilities, CrowdStrike predicts that the next big threat may come from malware focused on smartphones and other mobile devices as a way to gain unauthorized access to bank accounts or to collect sensitive information. And once that happens, look out: history says that once vulnerabilities are identified by one group, small breaches lead to bigger breaches as other malicious actors look to exploit new points of attack before they are closed.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.