Malcolm Tuck, Managing Director at ESET UK: ESET Report Reveals the Biggest Cyber Threats to Businesses in 2022

“ESET, a global leader in cybersecurity, releases three Threat Reports each year, providing in-depth technical analysis of cyber threats and trends from around the world. In order to make this report as accessible and helpful as possible, we have produced our inaugural ESET Threat Intelligence Index, highlighting the key trends impacting businesses and giving predictions and recommendations on how they can protect themselves going forward.

The ESET Threat Intelligence Index sheds light on the most frequent cyberattack vectors for UK businesses in the last third of 2021, and makes sobering reading.

Between September and December 2021, on average ESET blocked 4.8 million web threats and 400,000 unique URLs daily, a rise of 2.6% on May – August 2021. The most frequent external attack vector was brute-force attacks, which work to break into accounts through systematically trying all possible combinations to guess passwords. This was followed by exploitation of the ProxyLogon vulnerability on Microsoft Exchange Server that allows an attacker to bypass authentication by impersonating an admin.

The Remote Desktop Protocol (RDP) attacks that first emerged during the lockdowns of 2020, targeting employees using remote access tools to work remotely, continued to escalate. Similarly, ransomware attacks continued to be as aggressive as ever, with T3 seeing the highest ransom ultimatum of USD 240 million, more than triple the previous record.

There was also a 114% increase in ransomware threats on Android devices. However, we did see a 5.9% decline in threats to macOS devices. Interestingly, the “safest” days for devices were Tuesdays, when telemetry detected the lowest numbers of Android threats on average.

Email threats, often the route in for more serious attacks, saw their detection numbers more than double. This was mainly driven by a rise in phishing emails, with those using DHL and WeTransfer as lures being particularly popular.

As we move into 2022, we expect to see more opportunistic campaigns designed to harvest sensitive information from our increasingly connected world. And, as cybercriminals are always looking for new means of detection evasion, we can expect the attacks to become sneakier and sneakier.

Furthermore, since it is likely that geopolitical tensions will remain high for some time, countries whose governments are actively supporting either Ukraine or Russia will likely also be targeted with cyberattacks intended to disrupt, cause damage, and steal information. We already see hacker groups choosing sides and entering the cyber-battlefield guided by their sympathies. Threats will continue to evolve in volume and sophistication, so it is important to remain vigilant.”