In the second quarter of 2024, the cybersecurity landscape was marked by a surge in ransomware and business email compromise (BEC) attacks, as reported by Cisco Talos. These malicious incidents accounted for 60% of all cybersecurity breaches during this period, highlighting a growing trend in cybercriminal activities targeting organizations across various industries.
Technology firms emerged as the primary targets of cyber attackers, constituting 24% of all incidents in Q2, representing a significant 30% increase from the previous quarter. The researchers pointed out that technology companies are viewed as attractive targets due to their interconnectedness with other industries and critical infrastructure, making them a potential gateway for cybercriminals to infiltrate multiple sectors.
Following technology, the retail, healthcare, pharmaceutical, and education sectors were among the most frequently targeted industries in the second quarter of 2024. These sectors faced cyber threats ranging from ransomware attacks to BEC schemes, compromising their sensitive data and financial information.
The predominant method of initial access by cybercriminals in this period was the use of compromised credentials on valid accounts, which accounted for 60% of attacks. This marks a worrisome 25% increase from the previous quarter, highlighting the growing sophistication of cyber threats targeting organizations worldwide.
Moreover, Cisco Talos identified vulnerable or misconfigured systems and a lack of proper multi-factor authentication (MFA) implementation as the most common security weaknesses observed in Q2. These vulnerabilities were exploited by cyber attackers to gain unauthorized access to organizations’ networks and systems, underscoring the importance of robust cybersecurity measures to prevent data breaches and cyber incidents.
In terms of ransomware trends, Cisco Talos noted a significant rise in ransomware attacks, which comprised 30% of the Talos Incident Response team’s engagements in Q2. Cybercriminals deployed novel tactics to compromise targets, such as using valid tools to maintain persistence and conduct lateral movement within networks. Notable incidents included threats actors leveraging SSH for lateral movement, reactivating disabled user accounts, and coercing victims through harassing messages sent to their personal emails.
On the other hand, BEC attacks accounted for 30% of incidents engaged by Cisco Talos in the second quarter of 2024, marking a slight decrease from the previous quarter. BEC attacks involve cybercriminals compromising legitimate business email accounts to conduct phishing campaigns aimed at obtaining sensitive information and executing fraudulent financial transactions. Techniques used in BEC attacks included smishing, phishing emails redirecting to fake login pages, and creating malicious mailbox rules to send out phishing emails to internal and external recipients.
Overall, the evolving cybersecurity landscape in Q2 of 2024 highlighted the increasing sophistication and diversity of cyber threats facing organizations worldwide. As cyber attackers continue to exploit vulnerabilities and target critical sectors, it becomes imperative for businesses to enhance their cybersecurity defenses, implement robust security measures, and stay vigilant against evolving cyber threats to safeguard their data and operations.