Ransomware, email compromise are top security threats, but deepfakes increase

While ransomware and business email compromise (BEC) are leading causes of security incidents for businesses, geopolitics and deepfakes are playing an increasing role, according to reports from two leading cybersecurity companies.

VMware’s 2022 Global Incident Threat Response Report shows a steady rise in  extortionary ransomware attacks and BEC, alongside fresh jumps in deepfakes and zero-day exploits.

A report based on cases involving clients of Palo Alto Unit 42’s threat analysis team echoed VMware’s findings, highlighting that 70% of security incidents in the 12 months from May 2021 to April 2022 can be attributed to ransomware and BEC attacks.

VMware, in its annual survey of 125 cybersecurity and incident response professionals, noted that geopolitical conflicts caused incidents with 65% of respondents, confirming an increase in cyberattacks since the Russian invasion of Ukraine.

Deepfakes, zero-days, API hacks emerge as threats

Deepfake technology—AI tools used to create convincing images, audio, and video hoaxes— is increasingly being used for cybercrime, after previously being used mainly for disinformation campaigns, according to VMware. Deepfake attacks, mostly associated with nation-state actors, shot up 13% year over year as 66% of respondents reported at least one incident.

Email was reported to be the top delivery method (78%) for these attacks, in sync with a general rise in BEC. From 2016 to 2021, according to the VMware report, BEC compromise incidents cost organizations an estimated $43.3 billion.