Email and collaboration tools continue to be the channels through which most attackers start their effort to compromise targeted organisations, allowing Mimecast to detect and analyse many threats before they become widely known. At the same time, the perceived lack of concrete consequences for cyber operations has incentivised nations to expand their operations and cybercriminals to conduct more brazen attacks, said Mimecast in its Global Threat Intelligence Report for July to December 2024.
In the second half of 2024, Mimecast processed more than 90 billion data points for its over 42,000 customers, flagging more than 5 billion threats during the six-month period. The total number of protected interactions greatly exceeded that by many multiples, the company said.
Traditional attribution methods, which rely on infrastructure or malware signatures are increasingly unreliable, Mimecast said. Instead, the company analyses tactics, techniques, and procedures (TTPs) to categorise and reference threat operations systematically. This allows Mimecast to group threats and identify patterns across campaigns through the data captured from its solutions, even when traditional attribution methods fail. This approach provides a clearer and more reliable understanding of their evolving capabilities.
Report highlights:
- Phishing: 12% of phishing emails are now AI-written, enhancing social engineering and impersonation attempts.
- Human factor: 68% of breaches still involve human error, highlighting the need for ongoing training.
- Cybercriminals are "living off trusted services" (LOTS) such as Microsoft and Google.
- Geopolitical tensions are increasing nation-state cyberactivity.
Industries face unique threats. A greater proportion of malicious files targeted the arts, entertainment & recreation sectors in 2H24, while those in the media & publishing sector encountered more malicious links. Impersonation attacks dominated the threat profile for the software and software-as-a-service (SaaS) sector.
In contrast, 1H24's top targets by industry included banking, travel and hospitality, as well as arts and entertainment.
 |
| Source: Global Threat Intelligence Report. The most prolific threat operations, which have been given Mimecast
internal attribution names, include the three above impacting the Asia
Pacific and Middle East regions. |
Explore
Read the Global Threat Intelligence Report at https://www.mimecast.com/resources/ebooks/threat-intelligence-july-december-2024/
No comments:
Post a Comment