2021 Brand Intelligence Trends
Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.
Insikt Group used the Recorded Future® Platform to look at mainstream news, security vendor reporting, technical reporting around malware, vulnerabilities, security breaches, and dark web and underground forums from January 1, 2021, to December 31, 2021. The trends outlined below illustrate the current threat landscape observed via our Brand Intelligence Module of the Recorded Future® Platform.
Executive Summary
Throughout 2021, organizations faced a variety of cyber threats targeting their brands. While threats affecting brands, such as typosquats, domain abuse, and data exposure, do not garner as much attention as ransomware attacks, it is crucial that organizations actively respond to and mitigate these threats. Threats to brands affect organizations in every sector, both public and private, and can be used as staging grounds by attackers for future cyberattacks.
Data exposure continued to be a persistent threat to organizations across all industries in 2021. Data exposure can be caused by a variety of means, such as misconfigured databases and poor security protecting data held within these repositories. Several organizations felt the repercussions of poor data security in 2021 when millions of their records were exposed and in some instances illegally accessed by threat actors to be sold online to other cybercriminals. Social media services appeared to be particularly affected by data exposure in 2021: multiple platforms, including Facebook, SocialArk, LinkedIn, and Gettr, had large amounts of user data published on dark web and underground forums.
Reputational damage from cyberattacks can be severe. Throughout 2021, ransomware operators have continued using extortion tactics to name and shame their victims, a tactic that gained popularity in 2020. Although it is difficult to assign an exact cost to the reputational damage that results from lost or exposed data, ransomware operators continue to charge high ransoms, from tens of thousands to millions of dollars, and many organizations are willing to pay those ransoms. This willingness to pay suggests that companies believe the alternative of lost reputation or reduced competitive advantage has a cost greater than that of the ransom.
Key Judgments
- We identified more than 1.3 million references to typosquats affecting 10 major organizations in the Fortune 500 in 2021.
- Data exposure continued to be a persistent threat to organizations across all industries in 2021. The average total cost of a data breach in the United States, the country with the highest average cost for 11 years in a row, increased to $9.05 million from $8.64 million, and the average total cost globally was $4.24 million USD in 2021.
- In 2021, we observed over 2 million references appearing on ransomware extortion sites tracked within the Recorded Future Platform, and more than 29 million references using our Dark Web Ransomware Extortion Sites source.
Editor’s Note: This post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.
Related