Cloud servers are now the most common method of entry for cyberattacks at 41%
Several years ago, the Covid-19 pandemic shook the world, forcing companies worldwide to adopt remote work. Many companies even made this move a permanent feature of their business models. However, changes in IT infrastructure brought about by remote work, such as a move to cloud solutions, also shifted the focus of cyberattacks.
According to the data presented by the Atlas VPN team, cloud servers are now the number one way in for cyberattacks, with 41% of companies reporting it as the first point of entry — a 10% increase from the year before. Cloud servers have replaced corporate-owned servers, the leading attack vector in 2021.
The data is based on the Cyber Readiness Report 2022 by Hiscox. Data for the report was collected via a survey with 5,181 professionals from eight countries responsible for their organization's cybersecurity strategy. The survey was conducted between 30 November 2021 and 21 January 2022.
The top cyberattack vector in 2021, corporate-owned servers, now occupies the third spot on the list. According to the 2022 survey results, 37% of businesses reported them as the main cyberattack entry method.
Meanwhile, the second spot belongs to the business emails. They were named as the main access point for attackers by 40% of businesses.
Other common entry methods include remote access servers (RAS) at 31%, employee-owned mobile devices at 29% — 6% rise from the year before, and distributed denial of service (DDoS) attacks at 26%.
Nearly half of companies experienced cyberattacks in the last year
While the pandemic led to a shift in IT infrastructure in organizations, such as the wider adoption of cloud solutions, the security strategies of businesses fall behind the new technologies.
In total, 48% of companies reported experiencing at least one cyberattack in the last 12 months. Even with a 60% higher cybersecurity spending, cyberattacks rose by 5% compared to the year before.
Out of the surveyed countries, companies in the Netherlands suffered the most. There, 57% of companies reported having experienced cyberattacks in the last 12 months. Organizations in the Netherlands also saw the most significant rise in cyberattacks which increased by 16%.
The Netherlands is followed by France, where 52% of organizations had cyberattacks in the last 12 months. Cyberattacks targeting French businesses rose by 3% compared to 2021.
Next are organizations in Spain. Spain is the only country surveyed where cyber attacks decreased compared to the year before. Cyberattacks targeting Spanish businesses dropped by 2%, from 53% in 2011 to 51% in 2022.
Meanwhile, 49% of companies in Ireland went through cyberattacks in the past 12 months, followed by the United States with 47%. Cyberattack numbers there grew by 10% and 7%, respectively. Other surveyed countries include Germany (46%), Belgium (43%), and the United Kingdom (42%).
While UK businesses saw the least cyberattacks among the surveyed countries, they top the charts for the median cost of all attacks ($28,000).