Geopolitical tension, extortion and attacks present biggest cybersecurity risks

The Q4 Global Threat Intelligence Report* reveals that extortion campaigns, geopolitical threats, and attacks on small and medium-sized businesses (SMBs) to be among the greatest threats to cybersecurity defenses. The report analyzes the threat landscape for Q4 2023 and offers actionable recommendations on how to improve cyber defense. Key findings from the report include:

Ransomware threat evolves to effectively hold victims hostage

Ransomware and breach-for-ransom campaigns continued to grow in Q4 2023, with one of the larger groups, ALPHV Blackcat, compromising more than 1,000 victims with ransomware and data extortion and reaping more than $300 million in ransom payments by the end of the quarter. Attack strategies have evolved from crypto-ransomware (where attackers encrypt data and hold the decryption key) to breach-for-ransom campaigns (where attackers steal sensitive data and threaten to release the sensitive information unless paid) to double- and triple-extortion strategies (where attackers combine tactics for more dire consequences).

Mick Paisley, Chief Security & Resilience Officer at Mimecast, said: “We blocked nearly 250 million attacks against Mimecast-protected systems in January – a new record high for the business, highlighting the sheer scale of the threat.

“It’s striking that in a busy election year, with 76 countries due to go to the polls, geopolitical tensions have increased, leading to more cyberattacks, with over 100 hacker groups claiming participation in the Israel-Gaza conflict alone. It is deeply concerning that nation-states are using cyber operations to gather intelligence on rival governments and attack critical infrastructure and information systems. Organizations must act to ensure they and their employees are protected against this continuing uptick in malicious activity. Our new report offers threat-specific countermeasures and general recommendations to help combat threats.”

Small and Medium businesses pay BIG price

Users at small and medium-sized businesses encountered more than twice the number of threats — 31 and 32 threats per user (TPU), respectively — than users at large companies, who saw about 15 TPU in Q4.

The larger risk for SMBs is due to a greater share of employees in critical roles; targeting those users results in a higher level of threats per user. In addition, because SMBs rely on credential-based cloud services for much of their operations, attackers are more focused on credential theft, a common phishing goal. A striking 99% of UK businesses are small to medium enterprises, according to the UK Government, making the threat particularly pronounced in the UK.

Threat actors become less attached

In Q4, for the first time, the average user was more likely to encounter a malicious link than a malicious attachment. With users ignoring the overwhelming volume of email messages blocked as either spam or impersonation (phishing), attackers are shifting from delivering payloads as malware to sending links to malicious sites, which then deliver the payload.

 

Mimecast’s Global Threat Intelligence Report October – December 2023.

 

    Read more

    Latest News

    Read More

    How to support working dads in their time of grief

    24 December 2024

    Newsletter

    Receive the latest HR news and strategic content

    Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

    Latest HR Jobs

    University of Cambridge – Wellcome Trust / Cancer Research UK Gurdon InstituteSalary: £26,642 to £30,505

    London School of Economics and Political ScienceSalary: £32,135 to £35,304 pro rata

    University of Bath – Digital, Data & Technology GroupSalary: £46,485 to £55,295. Grade 8, per annum

    University of Warwick – Human ResourcesSalary: £24,044 to £26,038 per annum

    Read the latest digital issue of theHRDIRECTOR for FREE

    Read the latest digital issue of theHRDIRECTOR for FREE