2022 Ransomware Defense Report

REPORT

The SpyCloud Ransomware Defense Report 2022

An annual benchmark of organizations’ preparedness and strategies to close the gaps

2022 Ransomware Defense Report Preview

Our annual survey of 300+ security leaders in the US, Canada, and UK revealed that despite 86% increasing budget to protect against ransomware, 90% of organizations reported being affected by ransomware in the last 12 months – leaving security teams with little confidence in their defenses.

But there is hope. With credentials at the forefront of protecting employee identities, we were intrigued to find multi-factor authentication (MFA) in use at almost all organizations and that monitoring for compromised credentials saw a significant increase year-over-year, from 44% to 73%. And with the increased severity and frequency of malware infections, a majority of respondents agree that credential-stealing malware – especially on unmanaged devices accessing the network – is a growing concern as a hard-to-detect entry point for ransomware.

The 2022 SpyCloud Ransomware Defense Report benchmarks the challenges and proactive approaches to fighting against ransomware. Download the report to:

  • Benchmark your preparedness measures
  • Assess the challenges of third-party risk and the increased severity of malware and data breaches
  • Understand the vulnerabilities created by the riskiest entry points for ransomware
  • Determine how effective your countermeasures are compared to your peers

Solution: Proactive Ransomware Protection
Close the gaps in your ransomware prevention strategy by remediating compromised credentials and malware-infected devices

Get the Report

The SpyCloud Ransomware Defense Report 2022

A few of our happy customers:

The SpyCloud Difference

Stolen credentials – obtained through breaches and malware-infected devices – are a criminal’s all-access pass to your systems. So take them out of the equation. SpyCloud offers early detection and continuous visibility of exposed credentials and negates this threat vector immediately. The effort and cost of recovery from ransomware (not to mention the negative press attention) far outweigh the effort and cost associated with proactive prevention.

SpyCloud acts as a ransomware “early warning system” for hundreds of global enterprises, including half of the Fortune 10.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

The CISOs Report: Perspectives, Challenges and Plans for 2022 and Beyond

REPORT

The CISOs Report: Perspectives, Challenges and Plans for 2022 and Beyond

As the attack surface expands, Chief Information Security Officers (CISOs) are grappling with ever evolving challenges, from rapidly increasing ransomware attacks to remote work to supplier risk.

The CISOs Report, a global survey of more than 400 CISOs sponsored by SpyCloud, provides invaluable insights for the leaders of modern cybersecurity teams – to benchmark their posture, experiences, and concerns against others; to learn from what their peers are doing and planning to do; and to validate their own plans and investments for moving forward.

Download this report to see:

  • The ways CISOs are protecting identity as the new perimeter
  • The impact automated solutions can have when faced with a shortage of cybersecurity talent
  • How CISOs are taking action on Zero Trust Models that elevate the importance of identity
Graph showing responses to the question: Please indicate the top 3 priorities for your organization’s cybersecurity team over the next 12 months.

Get the Summary

Download the Full Report

A few of our happy customers:

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2022 Fortune 1000 Identity Exposure Report

REPORT

2022 Fortune 1000 Identity Exposure Report

Image of SpyCloud's Fortune 1000 Identity Exposure Report

With the continued onslaught of data breaches and malware infections, account takeover and online fraud are serious security threats facing enterprises every day. Add to it employees’ bad habit of using weak and reused passwords, and that creates the perfect opportunity for malicious actors to take advantage.

To highlight the scope of the problem, SpyCloud analyzed the exposed data tied to employees of Fortune 1000 organizations in our database. For this analysis, we examined over 126 million Fortune 1000 employee breach records containing more than 687 million assets, all of which are available to cybercriminals and can be used for malicious purposes.

Download the report to see:

  • The sectors with the highest and most severe exposure
  • The most popular exposed passwords of Fortune 1000 employees
  • The impact of malware-infected employees and consumers
  • Infographics detailing credential exposure, password reuse rates, and more for all 21 Fortune 1000 sectors

Download the Report

Related Resources

2022 SpyCloud Identity Exposure Report
Report

2022 Annual Identity Exposure Report

Our annual reports analyzes the 15.5 billion assets we recaptured from the criminal underground last year, and how enterprises can use this information to protect themselves from ATO, malware, and ransomware, and protect their consumers from online fraud.

Read More

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2022 Report: Identity Exposure of London’s FTSE 100

REPORT

2022 Report: Identity Exposure of London's FTSE 100

(And Their Subsidiaries)

Graphic of SpyCloud's 2022 FTSE Identity Exposure Report

As data breaches and malware infections continue to leak employees’ credentials and PII at a massive scale, their password reuse remains critically high, creating significant security risks for organisations and the consumers who rely on them to keep their data safe. 

A single set of employee credentials that have been exposed in a third-party breach can leave the door wide open for bad actors to gain entry into a corporate network – but we found that London’s FTSE 100 and their subsidiaries have 2.7 million pairs of exposed plaintext credentials in the criminal underground.

To provide a snapshot of employee identity exposures affecting major enterprises, SpyCloud analyzed the data we’ve recaptured from breaches, malware-infected devices, and other underground sources tied to FTSE 100 and subsidiary employees. We examined over 51 million assets, all of which are available on the criminal underground and can be used for malicious purposes.

  • The types of stolen FTSE 100 employee data criminals have access to, and the danger it presents to these organisations
  • The most popular exposed passwords of FTSE 100 employees
  • Which industries lead in exposed data and severity
  • The impact of malware-infected employees and consumers

Download the Report

Related Resources

2022 SpyCloud Identity Exposure Report
Report

2022 Annual Identity Exposure Report

Our annual reports analyzes the 15.5 billion assets we recaptured from the criminal underground last year, and how enterprises can use this information to protect themselves from ATO, malware, and ransomware, and protect their consumers from online fraud.

Read More

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2022 Annual Identity Exposure Report

REPORT

2022 Annual Identity Exposure Report

2022 SpyCloud Identity Exposure Report

Last year, SpyCloud recaptured more than 15 billion credentials and PII assets from the criminal underground. That’s a 200% increase in assets recaptured compared to the prior year – ample data that fraudsters are exploiting for identity fraud, which impacts businesses and consumers alike.

Our annual report analyzes this data and sheds light on the trends we observed throughout the year, explaining how enterprises can use this information to protect themselves from account takeover, malware, and ransomware, and protect their consumers from online fraud.

Download the report to see:

  • The trends our researchers observed within cybercriminal communities over the last year
  • Why the rate of password reuse continues to rise
  • Popular passwords influenced by entertainment, politics, and sports (Marvel characters make frequent appearances!)
  • How this stolen data is used to perpetrate ransomware and other targeted attacks
  • The urgency of the malware problem, including a spotlight on RedLine Stealer, and why we’ve put even more focus on collecting bot logs from malware-infected devices
  • The top 12 notable breaches of 2021

Download the Report

Related Resources

Malware Infected User Guide
Whitepaper

Infected User Response Guide

Handy guide to decipher what it means when employee or consumer information appears on a botnet log, and how to contact infected users with an action plan.

Read More

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2021 Ransomware Defense Report

REPORT

The SpyCloud Ransomware Defense Report 2021

The state of current & future ransomware capabilities
Ransomware Defense Report Preview

We surveyed enterprises and found that they aren’t exactly optimistic about ransomware. They told us that phishing emails and compromised credentials are their riskiest entry points, and yet the majority of organizations lack some basic measures to shore up passwords and authentication.

But it’s not all bad news. Our data shows that organizations are doing many of the right things and moving in the right direction to fight back.

Download the Ransomware Defense Report to:

  • Discover the real magnitude of the ransomware problem beyond high-profile attacks that make the news
  • Compare how your preventative measures stack up to your peers
  • Get best practices you can implement to improve your ransomware defenses

Get the Report

The SpyCloud Ransomware Defense Report
Download the PDF version of the report to print or share with others.

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

U.S. Government Credential Exposure Report

2021 SPECIAL REPORT

U.S. Government Credential Exposure

There is arguably no bigger producer, collector, consumer, and disseminator of data on the planet than the United States government. And yet, SpyCloud analysis has shown that its vast network of employees at the federal, state and local levels, including its contractors, are leaving that data exposed to enormous risk.

In 2020 alone, SpyCloud found:

  • 269,690 plaintext government credentials leaked in 465 breaches.
  • More than 1 million pairs of exposed emails and passwords for corporate accounts at the 27 largest companies in the defense industrial base.
  • 800,000 exposed corporate credentials (more than 7,000 per company) for employees at the 109 Fortune 1000 companies in the energy sector.

These exposures provide potential avenues for bad actors to access government resources and create massive risk in the government supply chain.

As this report explains, the prevalence of password reuse and loose credential security protocols are gifts to cybercriminals that expose the U.S. to significant risks. Our “Special Report: 2021 U.S. Government Credential Exposure” provides the prescriptive guidance needed to address this trend, along with a new framework for securing credentials that applies to employees, suppliers, and citizens.

Solution:

Account Takeover Prevention
Detect and automatically reset exposed credentials before criminals can exploit them to perpetrate targeted attacks like ransomware.
Download the PDF version of the report to print or share with others.

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time account takeover exposure details powered by SpyCloud data.

2021 Annual Credential Exposure Report

REPORT

2021 Annual Credential Exposure Report

Annual Credential Exposure Report

2020 was not a typical year. Between the onset of a global pandemic, the shift to remote life, and the turbulent political landscape, consumers shifted their behavior dramatically — and criminals followed suit, swiftly finding ways to exploit these changes. 

Throughout this unusual time, SpyCloud’s researchers have been embedded in criminal networks, using human intelligence (HUMINT) to recover stolen data before it reaches a broader criminal audience or goes public. As a result, the 1.5 billion credentials and 4.6 billion PII assets we’ve recovered provide unique insight into the breaches and botnet logs that have been released to criminal communities over the last year. 

Download the report to see:

  • Trends our researchers have observed within cybercriminal communities over the last 12 months
  • What 2020 themes appeared in people’s passwords last year (covid-19, sourdough, and more)
  • How many credentials containing .gov emails were exposed last year, and what passwords were most popular with government employees
  • The top 10 breaches released over the last 12 months

Download the Report

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Learn More

A few of our happy customers:

Related Resources

Case Study

Top 10 Travel Booking Site

Preventing account takeover begins with monitoring the dark web, but without the ability to match user accounts with a database of exposed credentials, a top 10 travel booking site was vulnerable to attack.

Read More

The SpyCloud Difference

Truly Actionable Recaptured Data

SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2021 Report: Breach Exposure of London’s FTSE 100

REPORT

Breach Exposure of London's FTSE 100

FTSE 100 Breach Exposure Report

Even employees at the world’s largest and most successful organisations use weak passwords, and frequently reuse corporate credentials as personal logins, regardless of security guidelines that prohibit such behavior. When those third-party sites are subject to data breaches, reused employee logins provide easy entry points to corporate systems and networks.

To provide a snapshot of the breach exposure affecting major enterprises, we examined SpyCloud’s entire database to see what exposed data we could tie to FTSE 100 companies and their subsidiaries. We found over 39 million breach assets, including 2.6 million plaintext credentials, tied to these employees. All of this data is available to cybercriminals and can be used for malicious purposes.

  • What kinds of stolen employee data criminals have on FTSE 100 employees, and the dangers it presents for these organisations
  • Which industries are plagued most by employee password reuse
  • The most popular passwords of FTSE 100 employees
  • How many employee and consumer credentials have been collected by keyloggers

Download the Report

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Learn More

The SpyCloud Difference

SpyCloud provides the earliest detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling enterprises to lock down accounts quickly, before damage is done. 

SpyCloud safeguards more than 2 billion employee and consumer accounts from account takeover and follow-on attacks.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.

2021 Report: Breach Exposure of the Fortune 1000

REPORT

2021 Report: Breach Exposure of the Fortune 1000

SpyCloud 2021 Report: Breach Exposure of the Fortune 1000

Password reuse is a leading cause of account takeover, and it’s an issue for security teams everywhere. Data breaches plague every enterprise, including America’s most successful businesses; but even employees who practice good password hygiene may put their employers at risk when third-party data breaches expose personal data that can be used against them.

To highlight the scope of the problem, SpyCloud analyzed breach data tied to employees of Fortune 1000 companies. For this analysis, we examined over 107 million Fortune 1000 employee breach records containing more than 543 million assets, all of which are available to cybercriminals and can be used for malicious purposes.

  • What kinds of stolen employee data criminals have access to, and the dangers it presents for enterprises
  • The most popular passwords of Fortune 1000 employees
  • How many employee and consumer credentials have been collected by keyloggers
  • Infographics showing credential exposure, password reuse rates, and more for all 21 Fortune 1000 sectors

Download the Report

Solution: Account Takeover Prevention

Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data.

Learn More

The SpyCloud Difference

SpyCloud provides the earliest detection of potentially compromised accounts – those using credentials that have appeared in a third-party breach and are therefore at risk of account takeover. And we automate the remediation of exposed passwords, enabling enterprises to lock down accounts quickly, before damage is done. 

SpyCloud safeguards more than 2 billion employee and consumer accounts from account takeover and follow-on attacks.

stat-blocks-stacked

Check Your Exposure

See your real-time breach exposure details powered by SpyCloud data.