HomeRisk ManagementsRansomware and BEC Account for 60% of Cyber Incidents

Ransomware and BEC Account for 60% of Cyber Incidents

Published on

spot_img

In the second quarter of 2024, the cybersecurity landscape was marked by a surge in ransomware and business email compromise (BEC) attacks, as reported by Cisco Talos. These malicious incidents accounted for 60% of all cybersecurity breaches during this period, highlighting a growing trend in cybercriminal activities targeting organizations across various industries.

Technology firms emerged as the primary targets of cyber attackers, constituting 24% of all incidents in Q2, representing a significant 30% increase from the previous quarter. The researchers pointed out that technology companies are viewed as attractive targets due to their interconnectedness with other industries and critical infrastructure, making them a potential gateway for cybercriminals to infiltrate multiple sectors.

Following technology, the retail, healthcare, pharmaceutical, and education sectors were among the most frequently targeted industries in the second quarter of 2024. These sectors faced cyber threats ranging from ransomware attacks to BEC schemes, compromising their sensitive data and financial information.

The predominant method of initial access by cybercriminals in this period was the use of compromised credentials on valid accounts, which accounted for 60% of attacks. This marks a worrisome 25% increase from the previous quarter, highlighting the growing sophistication of cyber threats targeting organizations worldwide.

Moreover, Cisco Talos identified vulnerable or misconfigured systems and a lack of proper multi-factor authentication (MFA) implementation as the most common security weaknesses observed in Q2. These vulnerabilities were exploited by cyber attackers to gain unauthorized access to organizations’ networks and systems, underscoring the importance of robust cybersecurity measures to prevent data breaches and cyber incidents.

In terms of ransomware trends, Cisco Talos noted a significant rise in ransomware attacks, which comprised 30% of the Talos Incident Response team’s engagements in Q2. Cybercriminals deployed novel tactics to compromise targets, such as using valid tools to maintain persistence and conduct lateral movement within networks. Notable incidents included threats actors leveraging SSH for lateral movement, reactivating disabled user accounts, and coercing victims through harassing messages sent to their personal emails.

On the other hand, BEC attacks accounted for 30% of incidents engaged by Cisco Talos in the second quarter of 2024, marking a slight decrease from the previous quarter. BEC attacks involve cybercriminals compromising legitimate business email accounts to conduct phishing campaigns aimed at obtaining sensitive information and executing fraudulent financial transactions. Techniques used in BEC attacks included smishing, phishing emails redirecting to fake login pages, and creating malicious mailbox rules to send out phishing emails to internal and external recipients.

Overall, the evolving cybersecurity landscape in Q2 of 2024 highlighted the increasing sophistication and diversity of cyber threats facing organizations worldwide. As cyber attackers continue to exploit vulnerabilities and target critical sectors, it becomes imperative for businesses to enhance their cybersecurity defenses, implement robust security measures, and stay vigilant against evolving cyber threats to safeguard their data and operations.

Source link

Latest articles

Parrot 7.3 Released with New Menu System and Improved Daily Usability

Parrot 7.3 Released: A Focus on Refinement and Usability In a strategic move, the Parrot...

How Renown Health Is Transforming Its Digital ID Strategy

Renown Health Innovates Digital Identity Management with Advanced Security Measures Renown Health, a prominent not-for-profit...

Medtronic Breach Affects 3.8 Million Individuals

Medtronic, one of the leading medical technology manufacturers globally, has recently taken steps to...

Ransomware Groups Adopt Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Anubis Ransomware Operation: Exploiting Vulnerabilities for Malicious Gains The Anubis ransomware operation has recently been...

More like this

Parrot 7.3 Released with New Menu System and Improved Daily Usability

Parrot 7.3 Released: A Focus on Refinement and Usability In a strategic move, the Parrot...

How Renown Health Is Transforming Its Digital ID Strategy

Renown Health Innovates Digital Identity Management with Advanced Security Measures Renown Health, a prominent not-for-profit...

Medtronic Breach Affects 3.8 Million Individuals

Medtronic, one of the leading medical technology manufacturers globally, has recently taken steps to...