Managed Detection and Response (MDR) cybersecurity solutions provider Critical Start has released its biannual Cyber Threat Intelligence Report, offering insights into the major threats witnessed in the first half of 2023. The report focuses on emerging cybersecurity trends impacting the healthcare, financial services, and state and local government (SLED) sectors. It also provides actionable guidance for organizations to enhance their security posture and proactively mitigate potential risks.
In an ever-evolving cyber threat landscape, timely threat intelligence is vital for identification and real-time response. Cybercrime has now become the world's third-largest economy and is projected to generate an astounding $8 trillion by the end of 2023, equivalent to around $25,000 per person in the United States. The Critical Start Cyber Threat Intelligence (CTI) team leveraged various intelligence sources, including customer data, open-source intelligence, vulnerability research, social media monitoring, and dark web monitoring, to identify the most significant cybersecurity threats of the first half of 2023.
Top report highlights include:
The Critical Start Security Operations Center (SOC), responsible for monitoring millions of endpoints and conducting over 80,000 investigations per week, reported notable increases in the number of investigated alerts, alerts escalated to customers, and high or critical priority alerts. In the first quarter of 2023, there was a 38.88% rise in high or critical priority alerts escalated to customers compared to the previous quarter.
Two-step phishing attacks are on the rise, with attackers using convincing emails that resemble legitimate vendor communications, often related to electronic signatures, orders, invoices, or tracking information.
The new Beep malware is top of mind for organizations and individuals. This pervasive threat is delivered via email attachments, Discord, and OneDrive URLs.
Speaking about the report's findings, Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start, emphasized the relentless surge in the volume of cyber threats, including advanced malware, botnets, ransomware, and cryptojacking. She also highlighted the importance of organizations taking proactive measures to reduce risk, such as investing in security awareness programs, updating security protocols, addressing vulnerabilities with trusted partners, and engaging the services of an MDR vendor.