Ontinue revealed new findings from its Threat
Intelligence Report 1H 2024. The findings, discovered by Ontinue's
Advanced Threat Operations (ATO) team, shed light on the rapidly evolving
cyber threat landscape and highlight proactive defense strategies
critical for modern enterprises. The ATO offers a deep dive into the
trends shaping the first half of 2024 and provides insights into what
organizations can expect in the months ahead.
Key Findings:
- Increased Attacks on Manufacturing & Industrial Sectors:
The Manufacturing & Industrial sectors have seen a dramatic rise in
attacks, accounting for 41% of cyber incidents in the first half of
2024, an increase of 105% from 2023, when the share sat at 20%. This contrasts with a
notable decline in attacks on the Technology/IT services sector, which
has benefitted from improved cybersecurity maturity and defenses.
- Chinese State-Sponsored Cyber Operations: The
report highlights a significant uptick in cyber operations originating
from China, driven by the nation's ongoing military and cyber
reorganization. These state-sponsored campaigns increasingly focus on
information control and leverage zero-day exploits, further complicating
attribution and escalating the global threat landscape.
- Lag in Patch Adoption Remains Critical: In Q1 2024
alone, over 8,967 Common Vulnerabilities and Exposures (CVE) records
were published, with another 13,400 pending. However, many organizations
are lagging in their patch adoption, leaving them vulnerable to attacks
that exploit known vulnerabilities. Alarmingly, 50% of the top 10
trending vulnerabilities this year were from 2023. This points to the
ongoing challenge organizations face in keeping pace with emerging
threats.
- Ransomware Still a Menace: LockBit continues its
dominance as the most active ransomware group, evolving its tactics and
holding its position from last year. New players such as Hunters
International have entered the scene, further intensifying the
ransomware landscape. Clop, despite its temporary decline, is expected
to stage a comeback later in the year.
- Emerging Threats: The report identifies several
emerging threats for organizations to monitor closely, including the
rise of LOLSites, which exploit Microsoft-owned domains to bypass
security controls, and compromised SharePoint sites being used for
phishing. Additionally, infostealers such as Raccoon Stealer and the
PlugX RAT continue to pose significant risks, especially for government
agencies and critical infrastructure.
Building Stronger Cybersecurity Maturity
The ATO team's findings underscore the need for organizations to take
a proactive approach to security. By focusing on timely patch
management, implementing multi-factor authentication securely, and
fostering a culture of security awareness, businesses can mitigate the
risks posed by these sophisticated threats. Ontinue encourages
organizations to adopt a multi-layered defense strategy, combining
network segmentation, regular backups, and well-tested incident response
plans to minimize the impact of ransomware and other cyber threats.
"Organizations can no longer afford to be reactive when it comes to
cybersecurity," said Craig Jones, VP of Security Operations at Ontinue.
"As cyber attackers evolve and become more sophisticated, organizations
must arm themselves with the latest intelligence and defenses to protect
their assets. This report highlights the critical need for businesses
to stay ahead of emerging threats by leveraging real-time intelligence
and enhancing their cybersecurity maturity. With the right defenses in
place, we can build a more resilient future."
To learn more about the findings, download the full report.