Ontinue, an AI-powered managed extended detection and response (MXDR) services provider and the recipient of the 2023 Microsoft Security Services Innovator of the Year award, has unveiled its inaugural 2023 Threat Intelligence Report. Authored by the Advanced Threat Operations (ATO) team, the report offers a comprehensive analysis of emerging threats, industry-specific attacks, and critical statistics shaping the cybersecurity landscape.
Cyber attackers are employing increasingly sophisticated techniques, including social engineering, ransomware, and supply chain attacks, making it challenging for organizations to keep pace with evolving threats. The ATO team's report, based on intelligence gathered from 600,000 endpoints, aims to empower organizations with actionable information to enhance their cybersecurity defenses.
Key highlights from the report include:
Rise of Ransomware: Attackers are employing sophisticated techniques and double-extortion tactics, targeting organizations across all industries.
Nation-state Operations: There has been a significant increase in cyber operations by nation-state actors, targeting both governmental and private sectors.
IoT Security: Poorly secured connected devices are prime targets for exploitation, emphasizing the need for enhanced IoT security.
AI and ML Exploitation: Threat actors are leveraging AI and ML for malicious purposes, including creating deepfakes and evading traditional security measures.
Supply Chain Vulnerabilities: Supply chain attacks have emerged as a major concern, exploiting software dependencies and compromising trusted vendors.
Social Engineering Sophistication: Increasingly sophisticated social engineering attacks are exploiting human vulnerabilities.
The report also highlights the rise of QR Phishing, which bypasses security measures by embedding malicious links within QR codes, and the challenge posed by Adversary-in-the-Middle (AiTM) phishing attacks in bypassing multifactor authentication.
The information technology and construction sectors were identified as the most impacted by ransomware attacks, with LockBit and 8Base ransomware groups being particularly active.
Craig Jones, VP of Security Operations at Ontinue, stated, "This inaugural report underscores Ontinue's commitment to transparency and accountability by providing customers with visibility into emerging threats, industry trends, and best practices to combat cyber threats. This report serves as a foundation for future reports, establishing Ontinue as a trusted source of timely, relevant, and insightful threat intelligence."
The report also forecasts threats that are expected to impact organizations in 2024, including AI, IoT, Hacktivism, Supply Chain, BEC, NIS2, and Ransomware. Ontinue's ATO team, consisting of Threat Intelligence and Hunting experts, is dedicated to gathering and curating intelligence to enrich incidents in Ontinue's Managed Security Operations service, reflecting the company's commitment to cybersecurity.