Barracuda report sees an increase in high-risk threats during vacation months.
XDR data reveals threat trends.
Barracuda has published a report on the severity of threats over the course of 2022, finding that a larger number of serious attacks occur during the summer while many employees are on vacation.
Microsoft 365 account compromises increased during the summer.
40% of attacks between June and September 2022 involved logins to Microsoft 365 accounts from suspicious countries. Barracuda classifies these attacks as “high risk”:
“This type of attack accounted for 40% of all attacks during the 90-day window between June and the end of September. The countries that flag an automatic security alert include Russia, China, Iran, and Nigeria. A successful breach of a Microsoft 365 account is particularly risky because it offers an intruder potential access to all the connected and integrated assets the target has stored on the platform. Among other things, analysts look for evidence of multiple-country logins to the same account, such as one from the UK followed an hour later by one from Russia or China. Just 5% of these alarms were ‘false positive’ legitimate logins.”
Meanwhile, 15% of attacks involved a connection between a device and a known malicious IP address. Barracuda classifies these incidents as “medium risk,” since they don’t necessarily mean that a compromise has taken place. Also tracked as medium risk are brute force attacks, which made up 10% of attacks between June and September.
Attacks increase during vacation months.
Looking at data between January and September 2022, Barracuda observed a significant increase in high-risk attacks during the summer. The researchers attribute this to the fact that employees are more likely to be on vacation during these months:
“Cyberattackers target companies and IT security teams when they are likely to be under-resourced. This could be on weekends, overnight, or during a holiday season, such as the summer.
“This is reflected in the XDR data, which clearly shows that despite an overall reduction in threat volume, a significantly greater proportion of threats detected during the summer months were at the higher-risk end of the scale.
“This is worth bearing in mind as we head into another holiday season.”