In recent research conducted by Mandiant, it has been revealed that cybercriminals are increasingly motivated by financial gain. The study shows that over half (55%) of threat groups active in 2024 are looking to extort or steal money from their victims, marking a steady increase from previous years. This shift towards financially motivated attacks indicates a growing trend within the cybercrime landscape.
One of the primary targets for these hackers is the finance industry. With just over 17% of attacks hitting this sector, it is clear that financial institutions are prime targets for malicious actors. However, other industries are also at risk, with business and professional services (11%), high tech (10%), Governments (10%), and Healthcare (9%) also being frequently targeted. This widespread targeting of various industries underscores the fact that no business is safe from cyberattacks, whether they are financially or politically motivated.
Stuart McKenzie, Managing Director at Mandiant Consulting EMEA, highlighted the prevalence of financially motivated attacks and the evolving tactics used by cybercriminals. He emphasized that ransomware, data theft, and extortion are significant concerns, but there is also a rise in infostealer malware and the exploitation of Web3 technologies, including cryptocurrencies. The adoption of artificial intelligence by cybercriminals is making these threats more sophisticated and widespread, posing a greater challenge for organizations to defend against.
According to the research, exploits are the most common initial infection vector, accounting for 33% of attacks, followed by stolen credentials (16%), phishing (14%), web compromises (9%), and prior compromises (8%). This data aligns with previous findings that phishing attacks and stolen credentials saw a surge in 2024, reflecting the popularity of these tactics among cybercriminals.
The research also highlights the prevalence of ransomware-related incidents, which represented 21% of all intrusions in 2024 and made up almost two-thirds of incidents involving monetization techniques. Alongside ransomware, other tactics such as data theft, cryptocurrency theft, email compromises, and campaigns like the North Korean fake job scam are all aimed at extracting money from victims.
In response to these evolving threats, organizations are encouraged to proactively gather insights and implement processes and tools to collect and analyze threat intelligence from diverse sources. By staying ahead of these trends and investing in cybersecurity measures, businesses can better protect themselves from cyberattacks and mitigate the risks associated with financially motivated cybercrime.
Overall, the research from Mandiant sheds light on the increasing financial motivation driving cybercriminal activities and underscores the importance of cybersecurity vigilance in today’s digital landscape. Organizations must remain vigilant and proactive in their efforts to safeguard their data and networks from malicious actors seeking financial gain.