Critical for organizations to understand attackers’ tactics, techniques, and procedures.
By Bobby Cornwell, Vice President, Strategic Partnership Enablement & Integration, SonicWall
The 2023 mid-year cyber threat report card portends an ominous outlook with staggering data including the fact that 332 million cryptojacking attacks were recorded in the first half of 2023, and nearly 6 million encrypted threat attacks and more than 77 million IoT malware attacks transpired globally. This includes 172,146 never-before-seen malware variants.
Concerned? You should be.
As cyberattacks continue to expand in scale and sophistication, the digital assault on governments, enterprises and global citizens is seemingly endless and evolving at a rapid pace. Threat actors are increasingly seeking out opportunistic targets, such as schools, state and local governments, and retail organizations, and have continued shifting away from enterprise targets in the U.S. to regions such as Latin America and Asia — especially as organizations that are more prepared refuse to pay ransoms.
Unlike the cybercriminal gangs of years past, who relied on reputation and branding, today’s attackers are largely operating in secret, in part due to recent advances by law enforcement. By pivoting to lower-cost, less risky attack methods, such as cryptojacking, these attackers hope to reduce their risk of discovery while maximizing profit.
The current cyber threat outlook reveals an increasingly diversified landscape amid shifting threat actor strategies, requiring companies of all sizes to bolster their defenses. Threat actors are increasingly moving away from traditional ransomware attacks in favor of stealthier malicious activities.
Case in point, overall intrusion attempts are up by 21%, encrypted threats jumped 22%, IoT malware rose by 37%, and we saw a record 399% surge in cryptojacking volume.
This year also firmly reinforced the need for cybersecurity in every industry as threat actors targeted everything from education to finance. While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.
These criminals are now embracing slower and more clandestine approaches to financially motivated cyberattacks. Hence, it is critical for organizations to better understand the attackers’ tactics, techniques, and procedures, and commit to threat-informed cybersecurity strategies to defend and recover successfully from business-disrupting events.
In addition to cyberattacks becoming more sophisticated and covert, threat actors are showing clear preferences for certain techniques, with notable shifts toward potentially soft targets like schools and hospitals.
Prominent ransomware attacks of recent—140.1 million thus far in 2023—have impacted enterprises, governments, airlines, hospitals, hotels and even individuals, causing widespread system downtime, economic loss, and reputational damage. While March saw lower-than-expected ransomware, it also turned out to be an inflection point as ransomware rose in April, more than doubled in May, and jumped again in June, suggesting a solid rebound in ransomware as we continue moving through 2023. Further, a number of these enterprises saw a huge growth in cryptojacking attacks, including education (+320X), government (+89X) and healthcare (+69X).
Moreover, cybercriminals are using increasingly advanced tools and tactics to exploit and extort victims, with state-sponsored activity growing as a concern. While ransomware continues to be a threat, we can expect more state-sponsored activity targeting a broader set of victims, including small and medium businesses (SMBs) who may mistakenly believe that they will fly under the radar of sophisticated attackers.
What then can companies and enterprises do to combat these ever-evolving cybersecurity threats? Staying up to date on cyber intelligence remains the best defense as it provides a deeper understanding of the current threat landscape and helps to break down why cyberattacks continue to be successful, as well as the drivers and trends behind them.
Further, and as a general rule, companies and enterprises should carefully follow the following four steps to ensure their safety:
- Stay abreast of new reports on the cyber threat landscape
- Review and test cyber threat defenses on a monthly basis
- Engage with a qualified cybersecurity company that provides comprehensive network protection for remote, mobile, and cloud-enabled workforces
- Consider utilizing managed detection and response services, as it offers an additional layer of protection and real time inspection
The cybersecurity community will continue its efforts to make information widely available to apprise, protect, and equip businesses of all sizes with the most accurate and up-to-date threat data to build stronger defenses and solutions to guard against malicious activities — particularly at precarious times like these, when threat actors and their attacks continue to evolve and attempt to evade detection.
About the Author
Bobby Cornwell serves as Vice President, Strategic Partnership Enablement & Integration, for cybersecurity leader SonicWall. Mr. Cornwell can be reached via email at [email protected]. For more information on SonicWall, please visit www.sonicwall.com, @SonicWall, or the company blog at https://blog.sonicwall.com/en-us/
;
We are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.