There was a 50% year-on-year surge in cloud-based email threats in 2021, but a drop in ransomware and business email compromise (BEC) detections as attacks became more targeted, according to Trend Micro.
The security vendor’s 2021 roundup report, Navigating New Frontiers, was compiled from data collected by customer-installed products and cloud-based threat intelligence.
It revealed that Trend Micro blocked 25.7 million email threats targeting Google Workspace and Microsoft 365 users last year, versus 16.7 million in 2020.
The number of phishing attempts almost doubled during the period, as threat actors continued to target home workers. Of these, 38% were focused on stealing credentials, the report claimed.
However, some threat detections declined: ransomware attempts dropped by 21% and BEC by 11% in 2021.
While this might appear good news, Trend Micro claimed this is evidence of more targeted attacks aimed at larger organizations.
In the case of BEC, Trend Micro blocked a higher percentage of advanced BEC emails, which could only be detected by comparing the writing style of the attacker with that of the intended sender. These comprised 47% of all BEC attempts in 2021 versus 23% in 2020, with the remainder detected by analyzing behavior and intent.
BEC was the highest-grossing cybercrime type of 2020, generating losses of nearly $1.9bn, according to the FBI.
Elsewhere, the report warned organizations that despite the surge in newly published vulnerabilities in 2021, nearly a quarter (22%) of exploits sold in the cybercrime underground last year were over three years old.
Overall, Trend Micro blocked over 94 billion threats in 2021, a 42% increase from the previous year.
In the cloud, misconfigured systems were also a critical risk factor in 2021. The report claimed AWS Key Management Service (AWS KMS) and Amazon Elastic Container Service (Amazon ECS) were the Amazon services with some of the highest misconfiguration rates.