Cyber threat actors evolve tactics

Threat actors evolved their tactics in 2024 to take advantage of business and technology consolidation, according to a report from cyber risk solution company Resilience.

Increasing M&A and reliance on ubiquitous software vendors created new opportunities for threat actors to unleash widespread ransomware campaigns by exploiting a single point of failure, according to the Midyear 2024 Cyber Risk Report, published today.

Some of the most disruptive cyber attacks over the past year involved heavily interconnected systems or recently acquired companies, to devastating effect.

Ransomware remained the leading cause of loss since January 2023, with 64% of ransomware-related claims resulting in a loss. The financial severity of claims related to ransomware attacks increased 411% from 2022 to 2023.

Ransomware attacks on Change Healthcare and CDK Global, as well as the PanOS zero-day vulnerability, represented 2024’s top claim-driving events thus far.

Of all claims received since January 2023, 35% were the result of a vendor data breach or ransom attack exploiting a third-party vendor (including notable vulnerabilities associated with Ivanti software), In 2024 that number is already 40% and expected to grow, according to the report.

The BlackCat hacking group (responsible for the Change Healthcare cyber incident) entered 2024 with an existing track record: in 2023, the group topped the list of most costly attacks, with BlackCat attacks accounting for 18% of covered losses from ransomware, Resilience says.

Two sectors saw the largest increases in claims in 2024: manufacturing and construction. Manufacturing rose from 15.2% of all claims in 2023 to 41.7% of all claims in 2024; while construction rose from 6.1% of 2023 claims to 25.0% of 2024 claims.

“Major attacks like the ones on Change Healthcare, CDK Global and AT&T have been wreaking havoc and making headlines, but they also remind us that we’re facing a new status quo. Increased vendor interdependence and M&A activity have created an unprecedented opportunity for hackers, with far more points of failure and potential for human error,” said Vishaal Hariprasad, co-founder and CEO of Resilience.

“Now more than ever, we need to rethink how the C-suite approaches cyber risk. Businesses are interconnected like never before and their resilience now depends on that of their partners and others in the industry.”



Share Story:

YOU MIGHT ALSO LIKE


Investec is disrupting premium finance – Podcast
Investec made waves in entering the premium finance market, where listening and evolving in response to brokers made a real difference.

Communicating in a crisis
Deborah Ritchie speaks to Chief Inspector Tracy Mortimer of the Specialist Operations Planning Unit in Greater Manchester Police's Civil Contingencies and Resilience Unit; Inspector Darren Spurgeon, AtHoc lead at Greater Manchester Police; and Chris Ullah, Solutions Expert at BlackBerry AtHoc, and himself a former Police Superintendent. For more information click here

Advertisement