The report analyzed data from public disclosures and “leak site communications” -- email, chat and social media channels used by threat actors to market stolen data, coordinate attacks with each other and communicate with victims.
The increase in ransomware attacks is attributed to several factors, including the growing sophistication of ransomware gangs, the increasing availability of ransomware tools and kits, and the willingness of some organizations to pay ransoms despite FBI recommendation not to.
Common initial access vectors used by ransomware gangs included remote access (39%), followed by vulnerability exploitation (27%), phishing payloads (13%), supply chain compromise (6%), and insider threat incidents (4%).
Organizations need to be aware of these common initial access vectors and take steps to mitigate them. This includes implementing strong security controls such as multi-factor authentication and educating employees about phishing and social engineering attacks.
The report tracked 79 known state-sponsored attacks in H1 2023. The most common technique used by these groups was spear phishing and the abuse of valid accounts.
State-sponsored actors have targeted critical infrastructure (CI), industries essential to our way of life. A cyberattack on any of them – energy, water, chemical, sewage, transportation, healthcare, financial services, government facilities, food and agriculture, nuclear – could have devastating consequences on our economy, our security, and our health.
2021 was a watershed year for CI-related attacks, alerting the Federal government to the urgency for shoring up cybersecurity efforts.
Organizations need to be aware of the growing threat of these attacks and protect themselves by implementing strong security controls, educating employees about social engineering, and having an incident plan in place. Additionally, organizations should:
New-school security awareness training can enable employees to follow security best practices and avoid falling for phishing and social engineering traps.
Infosecurity Magazine has the full story.