Mid-Year Threat Report Deconstructs the Impacts of Ransomware


Webroot has expanded insight around why cyber criminals are being glorified by releasing its BrightCloud Mid-Year Threat Report. Key findings include a spike in phishing, and the continued role of cryptocurrency in ransomware.

  • May 2021 holds the record for the single largest phishing spike in a single month—a 440% increase.
  • Of devices that were infected once in 2021, 52.36% of consumer and 45.49% of business devices sustained at least one additional infection, revealing that the simplest of security hygiene practices were not implemented before, during or after an initial infection.

Further insights include:

  • Big brands continue to suffer, with potential risks for user engagement. While PayPal only accounted for 1% of the top 200 phished brands, its 1,834% spike in May showed that online payment services and financial institutions remain top targets for phishing attacks.
  • Industries that saw increases in infections rates aligned with those making weekly headlines – with oil, gas and mining increasing 47% so far in 2021, while manufacturing and wholesale trades have both increased 32%. However, the management of companies and enterprises industry has shown significant increase in malware infections– 57% versus the global average
  • Crypto exchanges and wallets are increasingly being targeted by phishing. The Coinbase IPO was immediately followed by a spike. During that time there was a 75% increase in Coinbase phishing pages using HTTPS. Crypto jacking remains active but has declined since March 2020 when we saw the end of several crypto mining operations including Minr, XMROmine and JSECoin. There was a 32% increase in April 2020 followed by a significant decline in June 2021 of 39%.

The Mid-Year Threat Report provides a resource for CISOs and CSOs as they vie to strengthen security contingency plans to protect employees, partners, and customers, and what the trajectory might look like to ensure the cyber resiliency is agile.

Grayson Milbourne, Security Intelligence Director at Webroot said “People aren’t learning from their cyber mistakes, and more concerning, they aren’t equipped with knowledge on how to prevent repeat mistakes. Organisations must take ownership of the issue and do all they can in leading their people to improve security awareness, knowledge and habits”.

Webroot says Management and IT must share the responsibility and must together:

  • Purchase hardware and software to thwart a variety of modern attack vectors
  • Identify network dependencies
  • Manage internal and external communications during the crisis
  • Conduct awareness training to reduce human vulnerabilities
  • Implement backup and recovery procedures to maintain systems after an attack