Report reveals most common cybersecurity attacks and sectors most targeted

Ransomware attacks increasingly targeting critical infrastructure, the financial sector, healthcare and educational institutions.

  • 6 months ago Posted in

Obrela has released a detailed report into the global security landscape. The Obrela 2023 Digital Universe Report Digital Universe Report 2023 - Obrela examines the security landscape for the entire corporate ecosystem, covering industry-specific attacks as well as threat-specific attacks. Suspicious internal activity (35%), malware (18%) and security risks/policy violation cases were the most prevalent forms of attack in 2023, while banking, finance, the services sector and education faced the majority of attacks.

The most noticeable trends in 2023 are “Suspicious Internal Activity”, “Malware,” and security risks/ violation policies” while geopolitical tensions are manifesting in cyberspace, with Obrela reporting an uptick in state-sponsored cyber activities. State-sponsored Advanced Persistent Threat (APT) groups are conducting espionage, data theft and disruptive attacks more frequently, often targeting government entities, critical infrastructure and sectors deemed strategic to national interests.

Supply chain vulnerabilities are also more of a focal point for attackers seeking to compromise multiple targets through a single-entry point. Usually this is when attackers can gain access to the networks of numerous organisations at once. The ripple effect from these attacks emphasises the interconnectedness of cybersecurity risks across industries.

Obrela notes that cybercriminals are increasingly targeting less-protected third-party partners with privileged access to their primary target. Attackers persistently seek to infiltrate organisations by abusing the trust inherent in vendor-client connections.

As more and more organisations migrate to cloud services, the latest Obrela report notes attackers are shifting their focus. Misconfigurations, weak credentials, and insufficient access controls in cloud environments are being exploited to gain unauthorised access and exfiltrate sensitive data. Ensuring visibility and security in complex, multi-cloud environments remain a challenge for many organisations.

Another rising trend is the use of Artificial Intelligence (AI) and Machine Learning (ML) technologies in cyber-attacks. AI-driven phishing attacks, deepfakes, and automated vulnerability discovery are examples of where this technology is bolstering cyberattacks.

The expanding footprint of the Internet of Things (IoT) and operational technology (OT) devices in industrial and consumer contexts also presents new attack surfaces. These devices require

robust security features, to avoid vulnerability by attacks that can lead to data breaches, espionage and even physical damage, which in some industries like energy and manufacturing this is crucial.

Despite advances in security technology, human factors remain a critical vulnerability.

Phishing and social engineering attacks, for example, continue to evolve, exploiting psychological manipulation and sophisticated impersonation techniques to trick individuals into divulging sensitive information or accidentally installing malware.

Despite the ever-evolving advancements in cybersecurity defences, basic attack methods such as phishing, malware and brute force attacks continue to be highly effective. These methods exploit human errors and vulnerabilities in systems that persist over time, making them reliable tools for attackers.

Advanced cyberattacks often require significant resources, including time, expertise, and money. Attackers conducting simpler attacks can achieve similar goals with a much lower investment, making these techniques more appealing, especially for targeting small to medium-sized organisations with less sophisticated defences.

Dr. George Papamargaritis, VP MSS at Obrela says: “To combat these evolving threats, we are seeing organisations increasingly adopting a multi-layered approach to cybersecurity, including advanced threat detection and response tools, cybersecurity awareness training, robust data backup and recovery plans, and a zero-trust architecture. Collaboration and information sharing between industries and governmental bodies are also crucial for staying ahead of emerging threats.”

George revealed that in its threat detection and response work throughout 2023, Obrela collected some 14.5 PBs of logs, through monitoring over 500K devices/ endpoints.

Of 1.6M triaged alerts, 31.5Kcyberattack incidents were detected and foiled.

George added: “These figures underline what we are up against. As we move further into 2024, staying informed of the latest threats and continuously adapting cybersecurity strategies is evermore essential for protecting against this increasingly dynamic and sophisticated attack landscape.”

The report delivers sectoral, regional analysis and detailed descriptions of the most common forms of attack, followed by a list of the most common APT groups and their methods.

Obrela’s proprietary data reveals that the banking and finance sectors faced the most 'reconnaissance' attacks (a 37% increase compared to the same time last year) followed by education (13%). The financial sector also suffered one of the highest levels of malware attacks (a 26% year-on-year increase), while email attacks - such as fraud and phishing - affecting banking and finance most, are increasing by 43% compared to last year.

Through its proactive approach, Obrela provides a comprehensive cybersecurity defence mechanism, detecting and halting cyberattacks, while strengthening the overall security posture of organisations to prevent future incidents.

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...