No matter what new security solutions we see implemented, we continue to see a digital battleground with cybercriminals constantly evolving their tactics and exploiting vulnerabilities. Organizations of all sizes are faced with a barrage of threats, from sophisticated ransomware attacks demanding astronomical sums to deceptive business email compromise scams.
Arctic Wolf, a security operations company, released its annual Arctic Wolf Labs Threat Report and revealed many concerns when it comes to these cybercrimes. The report highlights a rise in ransom demands, continued exploitation of known vulnerabilities and the persistent threat of business email compromise (BEC) scams.
The report, compiled through analysis of trillions of data points and real-world threat intelligence, reveals a significant increase in ransom demands. According to Arctic Wolf, the average ransom demand jumped 20% compared to 2023, reaching $600,000 per attack.
This trend coincides with a growing momentum of "refuse-to-pay" initiatives, where organizations are increasingly resistant to paying ransoms, opting to invest in robust cybersecurity measures instead. However, the report also highlights financial losses incurred regardless of whether ransoms are paid, due to operational disruptions and the complexity of incident response.
Another concerning truth revealed in the report: cybercriminals continue to exploit well-known vulnerabilities even years after their public disclosure. Notably, the report identifies vulnerabilities identified before 2023 as a major point of entry for attackers – MOVEit was listed in the report, for example.
It cannot be stressed enough how important it is in patching systems promptly and implementing security practices that go beyond simply patching vulnerabilities. Multi-factor authentication, user awareness training and network segmentation are crucial to building a more comprehensive defense.
While ransomware dominates headlines, there is a continued prevalence of BEC scams. BEC attacks involve impersonating legitimate individuals or companies to trick victims into sending money or sensitive information. The report notes that BEC incidents, though receiving less media coverage, often lead to financial losses and often require formal incident response involvement due to their complexity. That explains why, despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
“By helping to end cyber risk for thousands of customers around the globe, Arctic Wolf Labs has access to an unmatched amount of data that allows us to provide deep and differentiated insights about the cybercrime landscape for both security practitioners and business leaders alike,” said Mark Manglicmot, Senior Vice President of Security Services, Arctic Wolf.
Because Arctic Wolf helps businesses manage cyber threats with its security platform, they would obviously include several recommendations for organizations seeking to fortify their security posture. So here is a general overview of what they recommend.
One is to regularly patch vulnerabilities. Promptly addressing known vulnerabilities reduces the attack surface accessible to adversaries.
Another, mentioned briefly above, is to implement MFA. MFA adds an extra layer of security by requiring a second factor beyond a username and password to access critical systems. Then, there is conducting regular security awareness training. Educating employees about common cyber threats and tactics teaches them to identify and report suspicious activity.
A final recommendation is to invest in security solutions. MDR services, for example, provide organizations with continuous monitoring, threat detection and incident response capabilities.
“Not only do our findings from this report provide valuable insights to the cybersecurity community, but they also serve as a direct input to the threat detection models contained within the Arctic Wolf Security Operations Cloud, ensuring we are able to defend our customers against cyber threats of all shapes and sizes,” said Manglicmot.
The 2024 Arctic Wolf Labs Threat Report is a way to stay informed about the latest trends, while also being reminded to implement robust security controls and foster a culture of cybersecurity awareness.
Edited by
Alex Passett
