In its report, entitled the Security Navigator 2022, Orange Cyberdefense found that there has been a rise in ransomware incidents as well as a noticeable wave of attacks against mobile devices – a notable first.
“Attacks like Solorigate show that even trusted software from reliable vendors can turn into a trojan horse for cunning attackers. Technology alone cannot be the solution to this problem. As our data shows, we have seen a 13% increase in the number of incidents in just one year, and these incidents keep increasing year on year," said Hugues Foulon (pictured), CEO of Orange Cyberdefense.
The report examines more than 50 billion security events between October 2020 to October 2021, by Orange Cyberdefense’s 18 security operation centres (SOCs) and 14 CyberSOCs.
Through monitoring, the report showed that of the 94,806 incidents flagged as being potential threats, 34,156 (36%) were found to be legitimate security incidents – a 13% increase on the year before. 38% of all confirmed security incidents were classified as malware, including ransomware – an increase of 18% compared to 2020.
The report also found that 64% of the security alerts dealt with by Orange Cyberdefense analysts turned out to be ‘noise’ and did not represent a genuine threat - an increase of 5% on the previous year.
The findings also suggest that many organisations, particularly small and medium sized businesses, will require more resources to filter this massive amount of data for potential threats.
A large proportion of the tech-driven security alerts that our analysts deal with are just noise but this puts a tremendous strain on already stretched IT and security teams," continued Foulon.
"Indeed, not all businesses have the means or resources to employ managed security services providers to help them sift through the ‘noise’ and find the actionable security ‘signals’. We thus believe that security technologies can, and must, do better.”
The document also found that mobile operating systems like iOS and Android in a business context are an increasingly popular target for cyberattacks. Many of these activities are related to commercial companies contracted by law enforcement and intelligence agencies. Orange Cyberdefense predicts attacks targeting mobile devices are likely to continue to increase.
Another key finding is that malware, including ransomware, was the most common type of threat reported during the analysis period, with 38% of all confirmed security incidents classified as malware - an increase of 18% on 2020.