Ontinue released its first-ever 2023 Threat Intelligence Report
authored by the Advanced Threat Operations (ATO) team. This report offers a
deep dive into emerging threats, top attacks by industry, and crucial
statistics shaping the cybersecurity landscape.
Cyber attackers are becoming increasingly sophisticated,
using advanced techniques such as social engineering, ransomware, and supply
chain attacks to breach organizations' defenses. As new threats and tactics are
used, it's becoming more challenging for organizations to keep up with the
latest threats and implement effective defenses. In this report, the ATO
team gathered and analyzed intelligence across 600,000 endpoints to help empower
customers and organizations with actionable information to better understand
and mitigate cybersecurity risks more effectively.
Key Highlights from the report include:
2023 Threat Landscape Trends
- The
Rise of Ransomware: Threat
actors are using more sophisticated techniques, targeting organizations of
all sizes and industries. There has also been an increase in adoption of
double-extortion tactics.
- Nation-state Operations: The team saw a
significant uptick in cyber operations by nation-state actors, targeting
governmental and private sectors with sophisticated tactics.
- Internet of Things (IoT) Security: Poorly secured
connected devices have become prime targets for botnet exploitation, DDoS
attacks, and unauthorized access, emphasizing the need for prioritized IoT
security.
- Artificial Intelligence (AL) and Machine Learning (ML)
Exploitation:
Threat actors are leveraging AI and ML for malicious purposes, from
creating convincing deepfakes to evading traditional security measures.
- Supply Chain Vulnerabilities: Supply chain attacks
emerged as a major concern, exploiting vulnerabilities in software
dependencies and compromising trusted vendors.
- Social Engineering Sophistication: Increasingly
sophisticated social engineering attacks are exploiting human
vulnerabilities, posing a substantial threat to sensitive information and
systems.
- Top
Threats Impacting all Industries: The report found that phishing, social engineering,
and vulnerability exploitation as the most significant risks across all
industries.
Attacks Exploiting Real-time Communications to Bypass
Traditional Security Measures
- QR
Phishing's Rise:
The report shines a spotlight on the rising threat of QR Phishing,
elucidating how this method effectively bypasses security measures by
embedding malicious links within QR codes.
- Adversary-in-the-Middle (AiTM) Phishing
Challenges MFA: There's a rise in AiTM phishing attacks exploiting
real-time communications to bypass multifactor authentication, which poses
a significant challenge to traditional security measures.
Information Technology and Construction Sectors Hit the
Hardest by Ransomware
- Targeted
Industries:
Information technology and construction sectors bore the brunt of
ransomware attacks, comprising nearly 50% of all incidents.
- Dominance
of LockBit Ransomware Group: LockBit emerged as the most active ransomware group,
employing a "name and shame" technique, while the 8Base
ransomware group gains notoriety for targeting small- and medium-sized
businesses.
"This inaugural report underscores Ontinue's commitment to
transparency and accountability by providing customers with visibility into
emerging threats, industry trends, and best practices to combat cyber threats,"
said Craig Jones, VP of Security Operations at Ontinue. "This report serves as a foundation for
future reports, establishing Ontinue as a trusted source of timely, relevant,
and insightful threat intelligence. With this release, Ontinue continues to
lead the way in delivering innovative cybersecurity solutions tailored to meet
the evolving needs of organizations, globally.
The report also highlights threats forecasted to impact
organizations in 2024, including AI, IoT, Hacktivism, Supply Chain, BEC, NIS2,
and Ransomware.
Ontinue's ATO team is a group of
Threat Intelligence and Hunting experts dedicated to gathering and curating
intelligence to enrich incidents in Ontinue's Managed Security Operations
service. This report reflects Ontinue's commitment to cybersecurity by providing
valuable insights to organizations as they navigate the evolving threat
landscape.
For the full report, please visit www.Ontinue.com.