SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

CSIS report reveals surge in sophisticated cyber threats

Today

CSIS Security Group has released its latest Threat Matrix report shedding light on the dynamic and complex cyber threat landscape in the first half of 2024.

The report reveals a stark increase in the frequency and sophistication of cyberattacks, including those attributed to nation-state actors, hacktivism, and refined cyber techniques such as infostealer malware and ransomware. Notably, it draws attention to over one billion compromised credentials circulating monthly on the dark web.

The report underscores the growing trend of attacks gaining initial access through stolen credentials exposed online and highlights the importance of understanding supply chains to mitigate potential risks. Hacktivist groups remain active, forming alliances to execute DDoS attacks targeting critical infrastructure.

CSIS chief executive officer Daniel Shepherd commented, "Incidents such as the compromise of Microsoft by Midnight Blizzard, who are linked to Russia's SVR, and North Korean threat actors adopting zero-day exploits, demonstrate the increasing sophistication and boldness of nation-state actors.

"With these cybercriminals successfully adopting advanced technologies to exploit weakness in systems, the need for more robust intelligence-driven defences and international cooperation has never been greater," he said.

Shepherd further noted, "Our latest Threat Matrix report is both a warning and a guide for organisations to urgently build greater resilience against these evolving threats."

The report provides detailed insights, citing that despite disruptions, lockbit3 maintained its position as the leading ransomware operator in the first half of the year, with RansomHub emerging as a key player by June 2024. The United States is identified as the most targeted country, facing 47% of all ransomware attacks, followed by the UK and Canada.

In sector-specific targeting, manufacturing suffered the most, accounting for 22% of ransomware incidents, followed by healthcare, technology, and education sectors. The report also lists the top brands and hosts targeted by phishing attempts, with Apple and Royal Mail among the frequently attacked entities.

The document includes Real-World Scenarios, such as the RansomHub ransomware attack, that not only outline incidents and investigations but also provide actionable lessons and recommendations to better defend against such threats.

On the rise of infostealers, recent developments such as the Lumma Stealer upgrades are highlighted. The report identifies effective methods of distribution for these threats, flagging fake cracked software, the FakeBat Loader-as-a-Service, and deceptive CAPTCHA prompts as prominent vectors for distribution.

The findings stress the urgent need for effective threat intelligence, prompt implementation of software patches, and enhanced network monitoring. CSIS encourages organisations to leverage the report's insights to strengthen their cybersecurity frameworks.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X