In this article, you will find excerpts from various reports that offer stats and insights about the current cybercrime landscape.
Behavioral patterns of ransomware groups are changing
GuidePoint Security | GRIT Q1 2024 Ransomware Report | April 2024
- Q1 2024 resulted in a nearly 20% increase in reported victims over Q1 2023, despite the disruption of LockBit and the disbandment of Alphv, two of the largest and most prolific ransomware groups.
- The number of active ransomware groups more than doubled year-over-year, increasing 55% from 29 distinct groups in Q1 2023 to 45 distinct groups in Q1 2024.
AI set to play key role in future phishing attacks
Egress | Phishing Threat Trends Report 2024 | April 2024
- In 2021 and 2022, QR code payloads in phishing emails were relatively rare – accounting for 0.8% and 1.4% of attacks respectively. In 2023, this jumped to 12.4% and has continued at 10.8% for 2024 so far.
- Millennials are the top targets for phishing attacks, receiving 37.5% of phishing emails.
Bots dominate internet activity, account for nearly half of all traffic
Imperva | 2024 Imperva Bad Bot Report | April 2024
- For the fifth consecutive year, the proportion of web traffic associated with bad bots grew to 32% in 2023, up from 30.2% in 2022, while traffic from human users decreased to 50.4%.
- Account takeover (ATO) attacks increased 10% in 2023, compared to the same period in the prior year. Notably, 44% of all ATO attacks targeted API endpoints, compared to 35% in 2022.
AI weaponization becomes a hot topic on underground forums
ReliaQuest | ReliaQuest Annual Threat Report | March 2024
- Some 71% of all attacks trick employees via the use of phishing, and of particular concern is a sharp rise in QR code phishing, which increased 51% last year compared to the previous eight months.
- Financial theft stood out as the primary objective of criminals in 2023, driving 88% of customer incidents.
Cybercriminals use cheap and simple infostealers to exfiltrate data
SpyCloud | 2024 SpyCloud Identity Exposure Report | March 2024
- 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related.
- Researchers recaptured nearly 1.38 billion passwords circulating the darknet in 2023, an 81.5% year-over-year increase from 759 million in 2022.
Scams are becoming more convincing and costly
Visa | Spring 2024 Threats Report | March 2024
- Purchase Return Authorization (PRA) fraud attacks increased 83% over the previous five-month period, with each successful attack leading to approximately $115,000 in potential fraud losses to banks.
- Ransomware cases increased 300% from June to December 2023 when compared to the same period in 2022.
Malware stands out as the fastest-growing threat of 2024
Thales | 2024 Thales Data Threat Report | March 2024
- The number of enterprises experiencing ransomware attacks surged by over 27% in the past year.
- Malware stands out as the fastest-growing threat of 2024, with 41% of enterprises witnessing a malware attack in the past year – closely followed by phishing and ransomware.
API environments becoming hotspots for exploitation
Akamai | Lurking in the Shadows: Attack Trends Shine Light on API Threats | March 2024
- A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals.
- Commerce is the most attacked vertical with 44% of API attacks, followed by business services at nearly 32%.
Keyloggers, spyware, and stealers dominate SMB malware detections
Sophos | 2024 Sophos Threat Report | March 2024
- In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials.
- Between 2022 and 2023, the number of ransomware attacks that involved remote encryption—when attackers use an unmanaged device on organizations’ networks to encrypt files on other systems in the network—increased by 62%.
Image-based phishing tactics evolve
IRONSCALES and Osterman Research | Fortifying the Organization Against Image-Based and QR-Code Phishing Attacks | March 2024
- While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months.
- Organizations know of the rising threat posed by image-based and QR code phishing attacks, with 90% of respondents acknowledging that such attacks target their organizations.
98% of businesses linked to breached third parties
SecurityScorecard | Close Encounters of the Third (and Fourth) Party Kind | March 2024
- Cybercrime group Cl0p was responsible for 64% of attributable third-party breaches in 2023, followed only by LockBit at a mere 7%.
- Approximately 29% of all breaches in 2023 were attributable to a third-party attack vector.
Cybersecurity crisis in schools
Trustwave | 2024 Education Threat Landscape | February 2024
- The threat group LockBit accounted for 30% of ransomware incidents targeting the education sector.
- Apache Log4j (CVE-2021-44228) continues to be the most common exploit attempt against educational institutions, accounting for 74% of attempts.
Secure email gateways struggle to keep pace with sophisticated phishing campaigns
Cofense | 2024 Annual State of Email Security Report | February 2024
- Secure email gateways are struggling to keep pace with the rapidly evolving nature of phishing campaigns, evidenced by a concerning 104.5% increase in the number of malicious emails bypassing SEGs in 2024.
- Healthcare and finance remained the top targeted industries – Increases in malicious emails bypassing SEGs in those industries at 84.5% and 118%, respectively.
Clean links and sophisticated scams mark new era in email attacks
VIPRE Security | Email Security in 2024: An Expert Look at Email-Based Threats | February 2024
- When it comes to phishing, 71% of emails are still using links as their primary bait.
- Financial services (22%) was the most targeted sector by phishing and malspam emails, followed by information technology (14%), healthcare (14%), education (10%), and government (8%).
QR code attacks target organizations in ways they least expect
Abnormal Security | H1 2024 Email Threat Report | February 2024
- 76% of organizations in the construction and engineering industry received at least one VEC attack in the second half of 2023, while 66% of retailers and consumer goods manufacturers were targeted during that same period.
- Organizations with more than 50,000 employees have a nearly 100% chance of experiencing at least one BEC attack every week.