Understanding the threat landscape helps organizations recognize their vulnerabilities and risks. This includes the attack surface, comprising infrastructure devices such as servers or network hardware, user endpoints like smartphones or tablets, and connected IoT devices.
The human element is the most common vulnerability, as 82% of breaches involve human error or social engineering. This is evident in phishing attacks and stolen credentials.
In most reports of cyber attack statistics by year, the human element remains a top threat vector, especially regarding phishing and stolen credentials. According to the 2022 Verizon Data Breach Investigations Report, phishing was the root cause of 82% of breaches at small organizations.
Malware can now evade detection by traditional antivirus models, and attackers leverage public AI to create, automate, and scale new attacks. Attackers also use advanced phishing tactics, such as “spear phishing,” to target specific individuals or organizations. A spear-phishing campaign is a highly personalized email targeting a particular individual or organization and includes phone calls to increase the credibility and impact of the attack.
Criminals have taken advantage of several global crises this year to boost their attacks. For example, the COVID-19 pandemic caused cybercriminals to increase ransomware attacks, while tensions between Ukraine and Russia led to a sharp rise in DDoS attacks against organizations.
Ransomware is a cyber attack that locks or encrypts a victim’s files, systems, and devices to demand payment. Cybercriminals typically spread ransomware through phishing emails with malicious attachments, drive-by downloading, and social media. They can also use vulnerabilities in third-party software packages to gain network access.
In 2023, the most common ransomware variants included LockBit, which led to a global disruption of organizations’ ability to work and caused losses in the healthcare industry. Other attacks were attributed to business email compromise (BEC), which involves attackers impersonating key stakeholders and gaining access to login information to steal funds or products.
Attackers create botnets by infecting thousands or millions of devices with malware and connecting them to a network. These botnets can then steal data, take over systems, or launch DDoS attacks. The growth of the Internet of Things (IoT) has increased this threat. These IoT devices range from smart light bulbs to TVs to security cameras, including medical devices like glucose monitors and pacemakers.
Infecting unsuspecting users with bot malware is accomplished through many methods, including spamming and social engineering. Once installed, the malware will report its activities to the bot herders via email, file sharing, or social media application protocols. The herders will then pay a commission to the hackers that herded them into their botnet.
Attackers can also use bots to mine cryptocurrency, a process that takes computing power away from user systems and uses it to mine on behalf of the attackers. This is called cryptojacking and has been a growing user concern since 2022. It’s been reported that 108 million accounts have been breached this year alone.
Many cyber attacks aim to steal enough information about victims to assume their identity and commit fraud or other illegal activity. This can be incredibly difficult to detect, particularly as most people only discover they are victims of identity theft when applying for credit or loans, dealing with collection agencies, or receiving calls from their bank or financial institution.
In 2022, phishing attacks targeted schools and universities across the ANZ region, resulting in students and teachers divulging their login credentials to malicious websites or phishing emails. This information can then be used to access confidential data or launch more sophisticated attacks on a school’s systems.
A lack of awareness among boards and senior management is hampering efforts to tackle cyber risks. Only 23% of security leaders monitor their partners and vendors in real time for cybersecurity risks, while more than half limit third-party risk to their immediate suppliers. This leaves organizations open to attack via their supply chain, which could result in a more widespread impact than a single supplier compromise.
Often overlooked, social engineering attacks can be as dangerous as any other cyber attack. As such, businesses need to understand the threats they face and what they can do to combat them.
Hackers know that people trust, respect, or fear authority figures to varying degrees. As a result, they use this knowledge to lure victims into performing actions that compromise security, data, or assets. They do this by posing as government agencies or authority figures like police officers, political leaders, and celebrities.
Government organizations are particularly vulnerable to cyberattacks. They hold a large swath of personal information and critical national secrets, making them attractive targets for hackers. They also struggle with cybersecurity basics, making them easier to breach.
According to a 2018 report by Security Scorecard, many government systems, such as court systems, municipal utilities, bill payment services, traffic control, and voter registration data, are insecure. Hackers have used these weaknesses to access Americans’ personal and professional information. That’s why investing in employee awareness training is important: it creates a culture that promotes secure behavior.