Manufacturing and industrial sectors most targeted by attackers
Manufacturing and industrial products remain the most targeted sectors by cyber threat actors in the first half of 2024, with 377 confirmed reports of ransomware and database leak hits in the first half of the year.
A new report from managed detection and response specialist Critical Start is based on analysis of 3,438 high and critical alerts generated by 20 supported Endpoint Detection and Response (EDR) solutions, as well as 4,602 reports detailing ransomware and database leak activities across 24 industries in 126 countries.
Professional services have seen an increase in reported database leaks and ransomware attacks, jumping by 15 percent compared to 2023 with 351 cases reported compared to 334. Legal services organizations, including courthouses, and supply chains have become prime targets due to the wealth of intellectual property and sensitive data they possess.
Healthcare and life sciences ransomware and database leak incidents surged by 180 percent in February 2024 compared to the same period in 2023, coinciding with the attack on Change Healthcare and other healthcare providers.
Engineering and Construction remained a target for cyberattacks in the first half of both 2023 and 2024 with the United States bearing the brunt of attacks in the first half of 2024, experiencing a staggering 46.15 percent increase compared to 2023.
The report also finds a 12.75 percent decrease (from H1 2023) in database leaks and ransomware attacks targeting technology companies.
"The first half of 2024 has painted a concerning picture of the ransomware threat landscape. We are continuing to observe a surge in ransomware and database leak activities," says Callie Guenther, senior manager of cyber threat research at Critical Start. "With bad actors becoming more sophisticated, it is vital for organizations to have a strong security culture and strategy in place. Managed Detection and Response (MDR) solutions that integrate asset inventory, endpoint controls security coverage, and MITRE ATT&CK Mitigations, help organizations proactively mitigate risk, leading to a reduced attack surface and a more resilient security infrastructure."
The study notes that BEC scammers are now targeting smaller, less cybersecurity-conscious businesses. It shows a surge in deepfake attacks too, with a huge 3,000 percent increase in deepfake fraud attempts.
You can get the full report from the Critical Start site.
Image credit: totojang1977/depositphotos.com