Redwood City, CA – Ontinue, a leading provider of AI-powered managed extended detection and response (MXDR) services and winner of the 2023 Microsoft Security Services Innovator of the Year award, today released its first-ever 2023 Threat Intelligence Report authored by the Advanced Threat Operations (ATO) team. This report offers a deep dive into emerging threats, top attacks by industry, and crucial statistics shaping the cybersecurity landscape.
Cyber attackers are becoming increasingly sophisticated, using advanced techniques such as social engineering, ransomware, and supply chain attacks to breach organizations’ defenses. As new threats and tactics are used, it’s becoming more challenging for organizations to keep up with the latest threats and implement effective defenses. In this report, the ATO team gathered and analyzed intelligence across 600,000 endpoints to help empower customers and organizations with actionable information to better understand and mitigate cybersecurity risks more effectively.
Key Highlights from the report include:
2023 Threat Landscape Trends
· The Rise of Ransomware: Threat actors are using more sophisticated techniques, targeting organizations of all sizes and industries. There has also been an increase in adoption of double-extortion tactics.
· Nation-state Operations: The team saw a significant uptick in cyber operations by nation-state actors, targeting governmental and private sectors with sophisticated tactics.
· Internet of Things (IoT) Security: Poorly secured connected devices have become prime targets for botnet exploitation, DDoS attacks, and unauthorized access, emphasizing the need for prioritized IoT security.
· Artificial Intelligence (AL) and Machine Learning (ML) Exploitation: Threat actors are leveraging AI and ML for malicious purposes, from creating convincing deepfakes to evading traditional security measures.
· Supply Chain Vulnerabilities: Supply chain attacks emerged as a major concern, exploiting vulnerabilities in software dependencies and compromising trusted vendors.
· Social Engineering Sophistication: Increasingly sophisticated social engineering attacks are exploiting human vulnerabilities, posing a substantial threat to sensitive information and systems.
· Top Threats Impacting all Industries: The report found that phishing, social engineering, and vulnerability exploitation as the most significant risks across all industries.
Attacks Exploiting Real-time Communications to Bypass Traditional Security Measures
· QR Phishing’s Rise: The report shines a spotlight on the rising threat of QR Phishing, elucidating how this method effectively bypasses security measures by embedding malicious links within QR codes.
· Adversary-in-the-Middle (AiTM) Phishing Challenges MFA: There’s a rise in AiTM phishing attacks exploiting real-time communications to bypass multifactor authentication, which poses a significant challenge to traditional security measures.
Information Technology and Construction Sectors Hit the Hardest by Ransomware
· Targeted Industries: Information technology and construction sectors bore the brunt of ransomware attacks, comprising nearly 50% of all incidents.
· Dominance of LockBit Ransomware Group: LockBit emerged as the most active ransomware group, employing a “name and shame” technique, while the 8Base ransomware group gains notoriety for targeting small- and medium-sized businesses.
“This inaugural report underscores Ontinue’s commitment to transparency and accountability by providing customers with visibility into emerging threats, industry trends, and best practices to combat cyber threats,” said Craig Jones, VP of Security Operations at Ontinue. “This report serves as a foundation for future reports, establishing Ontinue as a trusted source of timely, relevant, and insightful threat intelligence. With this release, Ontinue continues to lead the way in delivering innovative cybersecurity solutions tailored to meet the evolving needs of organizations, globally.
The report also highlights threats forecasted to impact organizations in 2024, including AI, IoT, Hacktivism, Supply Chain, BEC, NIS2, and Ransomware.
Ontinue’s ATO team is a group of Threat Intelligence and Hunting experts dedicated to gathering and curating intelligence to enrich incidents in Ontinue’s Managed Security Operations service. This report reflects Ontinue’s commitment to cybersecurity by providing valuable insights to organizations as they navigate the evolving threat landscape.
For the full report, please visit Ontinue.com.
About Ontinue: Nonstop SecOps
As a leading provider of AI-powered managed extended detection and response (MXDR) service, Ontinue is on a mission to be the most trusted security partner that empowers customers to embrace and accelerate digital transformation by using AI to operate more at scale, and with less risk. The combination of AI and human expertise is essential for delivering effective managed security that is tailored to a customer’s unique environment, operational constraints, and risks. Our MXDR service combines powerful proprietary AI with the industry’s first collaboration with Microsoft Teams to continuously build a deep understanding of our customers’ environments, informing how we prevent, detect, and respond to threats. Our Microsoft expertise allows customers to achieve these outcomes with the Microsoft Security tools they already own. The result is highly localized managed protection that empowers security teams to be faster, smarter, and more cost efficient than ever before.
Continuous protection. AI-powered Nonstop SecOps. That’s Ontinue.