Sharp rise in ransom demands and BEC incidents

Cybercriminals continue to exploit long-disclosed vulnerabilities for significant economic gains.

  • Monday, 26th February 2024 Posted 8 months ago in by Phil Alsop

Arctic Wolf has published its annual Arctic Wolf Labs Threat Report. Insights from the report reveal a year filled with cybercrime groups significantly increasing ransom demands, continuing to exploit well-known vulnerabilities that pre-date 2023, and executing business email compromise (BEC) schemes on a massive scale.

Created with threat, malware, digital forensics, and incident response case data that Arctic Wolf collects across the entire security operations framework, the Arctic Wolf Labs Threat Report delves deep into the cybercrime ecosystem, highlighting current global threat trends and offering strategic cybersecurity recommendations for the year ahead. The report serves as a key resource for cybersecurity, IT, and business leaders looking to gain a deep understanding of the global cybercrime landscape so that they can better protect their organizations from advanced cyber threats.

“By helping to end cyber risk for thousands of customers around the globe, Arctic Wolf Labs has access to an unmatched amount of data that allows us to provide deep and differentiated insights about the cybercrime landscape for both security practitioners and business leaders alike,” said Mark Manglicmot, senior vice president of security services, Arctic Wolf. “Not only do our findings from this report provide valuable insights to the cybersecurity community, but they also serve as a direct input to the threat detection models contained within the Arctic Wolf Security Operations Cloud, that ensures we are able to defend our customers against cyber threats of all shapes and sizes.”

Key Findings from the Arctic Wolf Labs Threat Report include:

• The median initial ransom demand rose 20% year-over-year to $600,000; with Legal, Government, Retail, and Energy industries each seeing median demands of $1 million or more.

• Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.

• Vulnerabilities first disclosed in 2022 or earlier continue to account for nearly 60% of incidents where the root cause was the exploitation of an externally accessible system.

• Manufacturing, Business Services, and Education/Non-Profit were the top three industries to appear on ransomware leak sites.

"The volume of cyber incidents continues to increase each year. As we enter 2024, the wide scale availability of AI tools has the potential to supercharge the ability of cybercriminals to successfully exploit vulnerabilities,” said Catherine Lyle, SVP of Cyber Claims & Incident Response at Tokio Marine HCC – Cyber & Professional Lines Group, a member of the Tokio Marine HCC group of companies based in Houston, Texas. “Resources like the Arctic Wolf Labs Threat Report assist carriers and businesses in understanding the current and future cybersecurity landscape. When used properly, this type of data can permit an organization to respond with appropriate vulnerability management, giving it a proven edge in safeguarding its sensitive systems and data. In turn, this makes it easier for the organization to mitigate any future harm by obtaining cyber insurance.”

Arctic Wolf Labs brings together Arctic Wolf’s elite security researchers, data scientists, and security development engineers together with a unified goal to help end cyber risk for organizations around the globe. Leveraging the trillions of security events the Arctic Wolf Security Operations Cloud ingests, parses, enriches, and analyzes each week, Arctic Wolf Labs is responsible for deliver cutting-edge threat research on new and emerging adversaries and leveraging machine learning and artificial intelligence to create advance threat detection models that drive continuous improvement in the speed, scale, and detection efficacy of Arctic Wolf’s security operations solutions.

The promise of AI is on every biopharma’s radar, but the reality today is that much of the industry is grappling with how to convert the hype into...
IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant business data.

‘Playtime is over’ for GenAI

Posted 3 days ago by Phil Alsop
NTT DATA research shows organizations shifting from experiments to investments that drive performance.

GenAI not production-ready?

Posted 3 days ago by Phil Alsop
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient governance to implement GenAI.

AI tops decision-makers' priorities

Posted 3 days ago by Phil Alsop
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100 global IT decision-makers and professionals, the...

The state of cloud ransomware in 2024

Posted 3 days ago by Phil Alsop
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security realm.
Talent and training partner, mthree, which supports major global tech, banking, and business clients to build job-ready teams, has revealed the...

AI innovation is powering the Net Zero transition

Posted 3 days ago by Phil Alsop
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.