Find out which cyber threats you should be concerned about
This article includes excerpts from various reports that offer statistics and insights into the current cyber threat landscape.
Human error still perceived as the Achilles’ heel of cybersecurity
Proofpoint | 2024 Voice of the CISO | May 2024
- Human error continues to be perceived as the Achilles’ heel of cybersecurity, with 74% of CISOs identifying it as the most significant vulnerability.
- In a year of growing insider threats and people-driven data loss, more CISOs than ever (80%) see human risk, in particular negligent employees as a key cybersecurity concern over the next two years.
Worried about job security, cyber teams hide security incidents
VikingCloud | The 2024 Threat Landscape Report: Cyber Risks, Opportunities, & Resilience | May 2024
- 55% of companies believe cybercriminals are more advanced than their internal team.
- 33% of companies were late to respond to cyberattacks because they were dealing with a false positive, and 63% spend more than 208 hours per year managing false positives.
Ransomware fallout: 94% experience downtime, 40% face work stoppage
Arctic Wolf | The State of Cybersecurity: 2024 Trend Report | May 2024
- Within the last 12 months, 48% of organizations identified evidence of a successful breach within their environment.
- 70% of organizations were the targets of attempted BEC attacks in the last year, with 29% of these targets becoming victims of one or more successful BEC occurrences.
Cybercriminals shift tactics to pressure more victims into paying ransoms
At-Bay | The 2024 InsurSec Report: Ransomware Edition | May 2024
- Ransomware claims frequency as a whole jumped 64% year over year, primarily due to the explosion of “indirect” ransomware claims whose frequency increased by 415%.
- Of the 41 unique ransomware strains observed over 2023, LockBit and BlackCat/ALPHV were used in 35% of all direct ransomware attacks.
Cloud security incidents make organizations turn to AI-powered prevention
Check Point | 2024 Cloud Security Report | May 2024
- Cloud security incidents are alarmingly on the rise, with 61% of organizations reporting breaches within the last year, marking a significant increase from 24% the year before.
- Despite the growing threat landscape, only 25% of organizations have fully implemented Cloud Native Application Protection Platforms (CNAPP).
Cybersecurity analysis exposes high-risk assets in power and healthcare sectors
Claroty | CPS Blind Spot | May 2024
- 23% of industrial OT and 22% of medical devices have vulnerabilities with CVSS v3.1 scores of 9.0 or higher, which would be an impossible number to patch.
- 1.6% of OT and IoMT are defined as “high risk,” have an insecure internet connection, and contain at least one KEV – the apex of exposure factors that together pose a real, imminent danger to organizations.
Log4Shell shows no sign of fading, spotted in 30% of CVE exploits
Cato Networks | Cato CTRL SASE Threat Report Q1 2024 | May 2024
- All enterprises continue to run insecure protocols across their WAN, with 62% of all web application traffic being HTTP, 54% of all traffic being telnet, and 46% of all traffic being SMB v1 or v2 instead of SMBv3.
- Three years after its discovery, Log4Shell (CVE-2021-44228) remains one of the most used exploits and it was found across 30% of the outbound CVE exploitations observed.
Critical vulnerabilities take 4.5 months on average to remediate
Bitsight | A Global View of the CISA KEV Catalog: Prevalence and Remediation | May 2024
- Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA’s deadlines.
- 35% organizations experienced a KEV in 2023 – 66% of which had more than one, 25% of which had more than five and 10% of which had more than ten.
Selfie spoofing becomes popular identity document fraud technique
Socure | Unmasking Document and Biometric Identity Fraud: Exposing the Deceptions | May 2024
- Document image-of-image was the most prevalent identity (ID) document fraud technique in 2023, occurring in 63% of all IDs that were rejected.
- 49% of all selfie spoofing attacks are carried out on users in the age 50 and above population.
Global ransomware crisis worsens
NTT Security Holdings | 2024 Global Threat Intelligence Report | May 2024
- Ransomware and extortion incidents surged by 67% in 2023.
- Manufacturing topped the list of attack sectors in 2023 at 25.66% and had the most ransomware victims posted on social channels with 27.75%.
Ransomware activity is back on track despite law enforcement efforts
Corvus Insurance | Q1 Ransomware Report: Ransomware Groups Don’t Die, They Multiply | May 2024
- Despite significant disruptions for high-profile ransomware gangs LockBit and BlackCat, Q1 2024 became the most active first quarter ever recorded — a 21% increase over Q1 202.
- According to the data, 1,075 leak site ransomware victims were posted on leak sites during the first quarter of 2024, despite the disruption of two major ransomware groups, LockBit and ALPHV/BlackCat, which accounted for 22% and 8% of the activity, respectively.
Ransom recovery costs reach $2.73 million
Sophos | State of Ransomware 2024 | May 2024
- 63% of ransom demands were for $1 million or more, with 30% of demands for over $5 million, suggesting ransomware operators are seeking huge payoffs.
- For the second year running, exploited vulnerabilities were the most commonly identified root cause of an attack, impacting 32% of organizations.
2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element
Verizon | 2024 Data Breach Investigations Report | May 2024
- The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches.
- 68% of breaches, whether they include a third party or not, involve a non-malicious human element, which refers to a person making an error or falling prey to a social engineering attack.
AI-driven phishing attacks deceive even the most aware users
Zscaler | Zscaler ThreatLabz 2024 Phishing Report | May 2024
- In 2023, the United States (55.9%), United Kingdom (5.6%) and India (3.9%) emerged as the top countries targeted by phishing scams.
- The finance and insurance sector experienced the highest number of overall phishing attempts, amounting to a 393% increase of attacks from the previous year.
AI set to play key role in future phishing attacks
Egress | Phishing Threat Trends Report | April 2024
- In 2021 and 2022, QR code payloads in phishing emails were relatively rare – accounting for 0.8% and 1.4% of attacks respectively. In 2023, this jumped to 12.4% and has continued at 10.8% for 2024 so far.
- Deepfakes continue to hit the headlines, and the use of Zoom and mobile phone calls as the second step in multi-channel attacks has increased in the first quarter of 2024 compared with the last quarter of 2023; Zoom by 33.3% and mobile phone calls by 31.3%.
Bots dominate internet activity, account for nearly half of all traffic
Imperva | 2024 Imperva Bad Bot Report | April 2024
- For the fifth consecutive year, the proportion of web traffic associated with bad bots grew to 32% in 2023, up from 30.2% in 2022, while traffic from human users decreased to 50.4%.
- Bad bots masquerading as mobile user agents accounted for 44.8% of all bad bot traffic in the past year, up from 28.1% just five years ago.
73% brace for cybersecurity impact on business in the next year or two
Cisco | 2024 Cisco Cybersecurity Readiness Index | April 2024
- Only 3% of organizations across the globe have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks.
- 73% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months.
AI weaponization becomes a hot topic on underground forums
ReliaQuest | ReliaQuest Annual Cyber-Threat Report: 2024 | March 2024
- Some 71% of all attacks trick employees via the use of phishing, and of particular concern is a sharp rise in QR code phishing, which increased 51% last year compared to the previous eight months.
- Extortion activity increased by 74%, with a record 4,819 compromised entities named on data-leak websites from ransomware groups, with LockBit alone accounting for 1,000-plus entities.
Cybercriminals use cheap and simple infostealers to exfiltrate data
SpyCloud | 2024 SpyCloud Identity Exposure Report | March 2024
- 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related.
- Researchers recaptured nearly 1.38 billion passwords circulating the darknet in 2023, an 81.5% year-over-year increase from 759 million in 2022.
Malware stands out as the fastest-growing threat of 2024
Thales | 2024 Thales Data Threat Report | March 2024
- The number of enterprises experiencing ransomware attacks surged by over 27% in the past year.
- Malware stands out as the fastest-growing threat of 2024, with 41% of enterprises witnessing a malware attack in the past year – closely followed by phishing and ransomware.
90% of exposed secrets on GitHub remain active for at least five days
GitGuardian | The State of Secrets Sprawl 2024 | March 2024
- 12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022.
- The research sheds light on an important security gap: upon discovering an exposed valid secret, 90% remain active for at least five days, even after the author is notified.
Human risk factors remain outside of cybersecurity pros’ control
Mimecast | 2024 State of Email & Collaboration Security | March 2024
- 74% of all cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.
- Worldwide, the average cost of a data breach is now $4.45 million, up 15% over three years.
98% of businesses linked to breached third parties
SecurityScorecard | Close Encounters of the Third (and Fourth) Party Kind | March 2024
- Approximately 29% of all breaches in 2023 were attributable to a third-party attack vector.
- While third-party breaches are common globally, Japan stood out with a significantly higher rate (48%).
Clean links and sophisticated scams mark new era in email attacks
VIPRE Security | Email Security in 2024: An Expert Look at Email-Based Threats | February 2024
- When it comes to phishing, 71% of emails are still using links as their primary bait.
- Financial services (22%) was the most targeted sector by phishing and malspam emails, followed by information technology (14%), healthcare (14%), education (10%), and government (8%).
QR code attacks target organizations in ways they least expect
Abnormal Security | H1 2024 Email Threat Report | February 2024
- Business email compromise (BEC) and vendor email compromise (VEC) attacks have grown substantially, with BEC doubling in frequency and VEC jumping 50% year-over-year.
- Organizations with more than 50,000 employees have a nearly 100% chance of experiencing at least one BEC attack every week.
Cybercriminals replace familiar tactics to exfiltrate sensitive data
Delinea | State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses | January 2024
- Although not back at the levels of 2021, the number of organizations claiming to have been a victim of ransomware in the past 12 months more than doubled since last year, from 25% to 53%.
- Data exfiltration registered a surge of 39% (reported by 64% of respondents, up from 46%) and became a preferred goal for the attackers, who are now gaining control of a company’s network to download sensitive data to sell on the darknet.
Payment fraud is hitting organizations harder than ever before
Trustpair | Fraud in the Cyber Era: 2024 Fraud Trends and Insights | February 2024
- 96% of US companies were targeted with at least one fraud attempt in the past year.
- Fraudsters primarily used text messages (50%), fake websites (48%), social media (37%), hacking (31%), BEC scams (31%) and deepfakes (11%) to dupe organizations.