News
New Cyber Threat Intelligence Report from CRITICALSTART® Highlights Prominent Threats and Emerging Cybersecurity Trends with Implications Spanning Multiple Industries
October 2023 by Critical Start
Critical Start, a provider of Managed Detection and Response (MDR) cybersecurity solutions and pioneer of the industry’s first Managed Cyber Risk Reduction (MCRR) solutions, published its biannual Cyber Threat Intelligence Report, leveraging research from its Cyber Threat Intelligence (CTI) team to highlight top cyber threats from the second half of 2023 and emerging cybersecurity trends impacting critical industries such as finance, education, manufacturing and state and local government (SLED).
Hackers have access to advanced, automated technologies that are enabling an unprecedented number of cyberattacks causing detrimental impact to organizations. Sixty-seven percent of organizations experienced a breach requiring attention within the last two years, despite having traditional threat-based security measures in place. By analyzing sources such as customer data, open-source intelligence, vulnerability research, and social media and dark web monitoring, Critical Start’s CTI team reveals key cyber threats disrupting businesses and highlights ways organizations can strengthen their security posture and proactively mitigate potential risk.
Key report findings include:
Phishing attacks leveraging Quick Response (QR) codes are on the rise with bad actors masquerading as Microsoft security notifications with a QR code embedded inside a PNG image or a PDF attachment.
Education remains one of the most susceptible industries to cyber-attacks, yet there is more diversity in the types of threats. Vulnerability exploitation accounted for 29% of attacks, while phishing campaigns constituted 30% of cyber incidents on K-12 schools in 2023.
Several known ransomware groups are sharing tactics, techniques, and procedures at a granular level suggesting that threat actors are much more reliant on affiliates than previously thought and highlighting the complex and ever-changing nature of the cybercrime economy.
Microsoft Teams allows external accounts to send potentially harmful files directly to an organization’s staff, increasing the risk of successful attacks by bypassing security measures and anti-phishing training.
Volt Typhoon, a threat actor sponsored by the Chinese state, is likely to persist in carrying out cyber espionage campaigns to support the broader Chinese government agenda against U.S. critical infrastructure.
"The volume and sophistication of cyberattacks is continuously growing and evolving making it impossible for organizations to feel on-top of internal vulnerabilities and remain cognizant of every external threat," said Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start. "In an effort to democratize cyber threat intelligence, this report highlights the most prominent security-related issues plaguing business and how they can proactively reduce cyber risk."
As a part of the Critical Start Cyber Research Unit (CRU), Critical Start CTI continuously monitors emerging threat developments and vulnerabilities while collaborating with the Security Engineering and SOC teams to implement new detections that reduce the risk of a breach by expanding MITRE ATT&CK threat coverage for its customers. For future updates on emerging threats, follow the Critical Start Intelligence Hub.
