Ransomware payments hit record highs as threats get harder to detect
The frequency of ransomware attacks has dropped from eight incidents per organization to five or six incidents in the last year, but at the same time the average ransomware payment has surged by more than a million dollars, from $2.5M to $3.6M.
A new Global Threat Landscape report from ExtraHop, based on research by Censuswide, finds threat actors are shifting away from broad, indiscriminate attacks to a more targeted approach that yields better results.
As IT environments grow increasingly complex and attack surfaces expand, threat actors are able to capitalize on blind spots, spending more time inside an organization to cause greater damage and achieve higher payouts.
Organizations are taking more than two weeks to respond to and contain a security alert. This delay in response can give attackers time to maximize damage, with the research showing organizations experience an average downtime of more than 37 hours after an incident occurs.
Respondents say the public cloud (53.8 percent), third-party services and integrations (43.7 percent), and generative AI applications (41.87 percent) pose the most significant cybersecurity risks to their organization.
The tactics attackers are using to gain network access vary, with the traditional method of phishing and social engineering (33.65 percent) taking the top spot, followed by software vulnerabilities (19.43 percent), third-party/supply chain compromise (13.4 percent), and compromised credentials (12.2 percent).
Meanwhile the top challenges hindering a timely response to security threats include limited visibility into the entire environment (41 percent), overwhelming alert volume (34 percent), disparate and poorly integrated tools (34 percent), and inefficient or manual SOC workflows (34 percent). Visibility was a top challenge in critical industries such as telecom, finance, and education.
You can get the full report from the ExtraHop site.
Image credit: Vchalup/Dreamstime.com