Orange Cyberdefense, the managed security services provider of the France-based Orange Group, has just released its latest report with some pretty concerning findings – especially for those of us that use a mobile device (so most of us, then).

According to the snappily named Security Navigator 2022, there was a 13% increase in cyberattacks on enterprises over the past 12 months. For the first time, a noticeable wave of attacks against mobile devices was detected from the third quarter.

While a total 94,806 incidents were flagged as being potential threats, 34,156 (36%) were ultimately confirmed to be legitimate security incidents. More than a third (38%) of all confirmed security incidents were classified as malware, including ransomware – an increase of 18% compared with 2020. "The single emergent threat that stands out head and shoulders over the rest in our advisories, is that of cyber extortion, or ransomware," the report said.

The report also found that mobile operating systems like iOS and Android in a business context are an increasingly popular target for exploits. Orange Cyberdefense warned that the situation is likely to get worse in future, as vulnerabilities find their way into the criminal ecosystem.

Indeed, the report said Apple's iOS mobile operating system appeared in twice as many advisories in the first three quarters of 2021 as in the preceding three quarters.

"It seems apparent to us that there has been a wave of vulnerabilities and attacks against this platform in the last few months that have required urgent patching by our users," the report said. "Many of the vulnerabilities appear to emerge from the ever-present 'cyber military complex' that is prepared to invest vast sums of money to access the mobile phone of an individual who is of political ‘interest’ to some government or the other."

Inverse pandemic effect

As was the case in the 2021 report, Orange indicated that the COVID-19 pandemic had comparatively little effect on cyberattacks – or at least not in the way that might have been expected.

Charl van der Walt, head of the security research center at Orange Cyberdefense, noted that cyberattacks tend to decrease during lockdowns, and then pick up again once everyone returns to a more normal way of life.

During a webinar to discuss the report, van der Walt also said it was particularly noticeable that attacks had increased on small companies, as well as on companies in the manufacturing sector.

Want to know more about 5G? Check out our dedicated 5G content channel here on Light Reading.

"The story about small businesses is an important one," he said, pointing out that such companies are typically less able to defend themselves, and also take longer to recover from attacks.

Meanwhile, he attributed the "extraordinary prevalence of our manufacturing clients" n the data to the nature of the industry itself.

"What we think is happening is that manufacturing is falling victim to these crimes, because [companies] are more vulnerable, more visible, because criminals are allowed to dwell within their environments for longer," he said.

Patching up

In terms of vendors, Microsoft and Cisco most frequently appear in security advisories – largely because of their respective massive footprints. Orange said it is not suggesting that these two giants are less secure than other vendors, only that they naturally represent a large proportion of the patching-workload for many businesses.

"Sadly, much of our time still needs to be spent patching Microsoft systems or responding to Microsoft-related threats. And the Microsoft cloud offerings are not immune either, it appears," the report added.

VMware, Pulse Secure, SonicWall, Citrix, Fortinet, F5, Palo Alto Networks and Juniper Networks have collectively appeared in 56 advisories this year. "That's 10% of all the bulletins we issued. Again, we're not suggesting that these technologies are more vulnerable than others," the report said.

Broadly, the message is: stay alert, protect yourself as best you can, and move quickly when you are attacked.

"We operate in an adversarial environment that is characterized by uncertainty and chaos," the report said. "We need to embrace the inevitable chaos, accept the relentless adversary, and adapt our approach to security accordingly."

— Anne Morris, contributing editor, special to Light Reading