2024
Global Threat Intelligence Report
Growing attack surface and threat complexity mixed with reduced staffing and budgets is creating a perfect storm for security professionals
Growing attack surface and threat complexity mixed with reduced staffing and budgets is creating a perfect storm for security professionals
The cybersecurity landscape is rapidly evolving while security resources remain stagnant or decline, leaving organizations vulnerable to routine threats like exploitation, malware, and escalating ransomware and extortion incidents. Manufacturing suffers the most attacks, while Trojans persist as significant threats. Proactive security measures are urgently needed to counter these challenges.
In 2023, we witnessed ransomware payments reach an all-time high of over $1 billion after a decline in 2022.
Malware continues to evolve to gain initial access, evade detection, and maintain persistence.
Manufacturing, technology, and transport & distribution remained in the top 5 as we continue to see attacks against critical infrastructure and supply chains prioritized by adversaries and facing significant risk.
United States and Manufacturing companies top the charts. Lockbit claimed the most victims for the second year in a row. We continue to see small and medium-sized businesses (SMBs) face significant risk, with over 50% of victims having less than 200 employees.
Malware continues to evolve to gain initial access, evade detection, and maintain persistence. The modularization of malware, and the increase in adversaries living off the land, highlights the need for organizations to have more comprehensive protections in place.
Organizations should leverage these insights to assess vendors and limit what is allowed within their environments. Many of the most popular vendors by market share and reputation are also among the highest in announced Common Vulnerabilities and Exposures (CVE) each year.
Last year, we highlighted the rapid integration of exploit code by malware and botnets for high-severity vulnerabilities, often aided by generative AI. We observed threat actors leveraging critical 0days for substantial gains in 2023, aligning with platforms targeted by vendors with the highest CVE volume.
This report presents our analysis of current cybersecurity trends and threats, along with our predictions for future developments in the threat landscape. Additionally, we offer detailed recommendations aimed at bolstering your organization's defenses against these evolving risks. By implementing these proactive measures, businesses can enhance their cybersecurity posture and better protect their valuable assets from potential threats and attacks.