According to a report by Cisco Talos [5], ransomware and business email compromise (BEC) attacks were identified as the top threats in the second quarter of 2024 [2] [3] [4] [5], responsible for 60% of all incidents [5].

Description

While BEC engagements decreased from the previous quarter [2] [4], ransomware incidents increased by 22% [2] [3], and new ransomware operations such as Mallox and Underground Team ransomware were identified. Compromised credentials on valid accounts were noted as the most common initial access method [2] [5], representing 60% of attacks [5], a 25% increase from the previous quarter [2] [5]. The technology sector was the most targeted [2], followed by healthcare [2], pharmaceuticals [2] [5], and retail [2].

Vulnerable or misconfigured systems and a lack of proper multi-factor authentication implementation were highlighted as the most observed security weaknesses [5], both increasing by 46% from the previous quarter [3] [5]. Network device targeting [2], including password spraying and exploitation, also increased [2], accounting for 24% of incidents [5].

The report emphasizes the importance of enhancing cybersecurity workforces with Synthetic Security Operatives (S2Os) to effectively combat these rising threats [1]. S2Os can assist in monitoring, detecting [1], and responding to threats [1], enforcing multi-factor authentication [1] [5], and providing proactive threat detection [1], ultimately creating a super-human employee capable of advanced cybersecurity tasks and better protecting sensitive data [1].

Conclusion

The increase in ransomware and BEC attacks in the second quarter of 2024 highlights the need for organizations to strengthen their cybersecurity measures. Implementing proper multi-factor authentication and addressing vulnerabilities in systems are crucial steps in mitigating these threats. The use of Synthetic Security Operatives (S2Os) can enhance cybersecurity workforces and improve the ability to detect and respond to evolving cyber threats. Looking ahead, investing in advanced cybersecurity technologies and training personnel to effectively utilize them will be essential in safeguarding sensitive data and preventing cyber attacks.

References

[1] https://www.linkedin.com/posts/point-break-security_equip-your-security-team-with-super-powerful-activity-7222101263927148544-PBtN
[2] https://blog.talosintelligence.com/ir-trends-ransomware-on-the-rise-q2-2024/
[3] https://siliconangle.com/2024/07/25/cisco-talos-business-email-compromise-ransomware-topped-threats-second-quarter/
[4] https://vulners.com/talosblog/TALOSBLOG:99EB359D9E54E1513C31E72B7AF5EBA2
[5] https://www.infosecurity-magazine.com/news/ransomware-bec-cyber-incidents/