

The Secureworks Counter Threat Unit (CTU) has found that most real-world security incidents start with much smaller organisational issues. Given the current landscape involving risks of advanced AI threats dominating the cybersecurity industry, this finding emphasises the importance of businesses focusing on cyber hygiene to improve their network defences.

Secureworks helped contain and remediate more than 500 real-world security incidents in 2022, with the company’s CTU researchers analysing the data from these events to understand trends and emerging threats.

One of the key findings of this research is that incidents involving business email compromise (BEC) have doubled, knocking ransomware off the top spot as the most common type of financially-motivated cyber threat to companies. The Secureworks CTU was able to link the growth in BEC to a significant increase in successful phishing campaigns, making up 33% of incidents where the initial access vector (IAV) could be established. This was almost three times higher than in 2021 (13%).

Exploiting vulnerabilities in internet-facing systems was an equally popular entry point for both nation-state and cybercriminal attackers, accounting for one-third of incidents where IAV could be established. Threat actors generally didn’t need to use zero-day vulnerabilities, instead opting for publicly disclosed vulnerabilities to target unpatched machines, including ProxyLogon, ProxyShell and Log4Shell.
