Palo Alto Networks
Worrying cyber threat situation
Palo Alto Networks' Unit 42 team has published its Incident Response Report 2024, which paints a worrying picture of increasing cyber threats.
The Incident Response Report 2024 shows that threat actors are becoming increasingly sophisticated: They are better organized, work in specialized teams for different steps of the attacks and use IT, cloud and security tools. They are working ever more efficiently as they use processes and playbooks to achieve their goals faster. At the same time, attackers are benefiting from new AI capabilities. The report's findings are based on data that Unit 42 collects during its daily work: The Incident Response and Threat Intelligence teams help organizations assess, respond to and recover from cyberattacks.
The most important findings of the report
- Threat actors primarily exploited unpatched vulnerabilities in web applications and internet-enabled software as an attack vector, with compromised credentials and phishing in second and third place.
- Once attackers have penetrated a company, they only need two days to steal sensitive data. In 2021, it was still nine days. In 45% of cases, attackers even exfiltrated the data in less than one day after the compromise. This means that in almost half of cases, companies have to react within a few hours to stop the attackers.
- After payment, only 68 percent of attackers kept the promises they made in connection with the ransom demand. According to Unit 42, organizations that made a payment increasingly used harassment (27 percent in 2023 vs. < 1 percent in 2021) and data theft (82 percent in 2023 vs. 40 percent in 2021).
- Unit 42 found an increase of around 10 percent in cloud-related incident response incidents from 6 percent in 2021 to 16.6 percent in 2023.
The Incident Response Report 2024 can be found here.
You might also be interested in
Cyber attacks at record high
Cyber threats are at record levels: In 2023, Trend Micro blocked over 161 billion cyber threats worldwide. Cloud environments are a particular focus for attackers.
read more...MXDR service launched to defend against hybrid attacks
Vectra AI, a provider of hybrid attack detection, investigation and mitigation solutions, announces the launch of Vectra MXDR (Managed Extended Detection and Response), a hybrid attack protection service.
read more...Machine learning in cyber security
Machine learning holds great potential for cyber security - but there is a lot to consider when implementing it in a corporate context. Experts from Palo Alto Networks provide an overview.
read more...AI and ML in focus at the European Data Protection Day
January 28, 2024 is European Data Protection Day. Reason enough to raise awareness of privacy and data protection and sensitize people to relevant IT security issues. Here is a commentary by Carla Roncato, Vice President of Identity, WatchGuard.
read more...Better integration of cybersecurity tools needed
German cybersecurity experts express a desire for less complex and more integrated tools for their security infrastructure. This is shown by the results of the third part of the "OTRS Spotlight: Corporate Security 2023" survey.
read more...New Vice President of Global Partner Ecosystem appointed
Effective immediately, John Ryan is the new Vice President of Global Partner Ecosystem at Claroty, a specialist in the security of cyber-physical systems (CPS).
read more...Increasing cyberattacks on the manufacturing sector
A report from Check Point Exposure Management on the threat landscape in the manufacturing industry shows a dramatic increase in ransomware, supply chain attacks and OT-related cyber incidents. As smart factories and connected supply chains become...
read more...Cybersecurity is a top priority for car manufacturers
The latest "Automotive Manufacturing Outlook Survey" from ABB Robotics shows that cyber security has become the most important focus for automotive manufacturers around the world. This indicates a clear change in the perception of digital risks.
read more...Cloud security often inadequate
According to Red Hat's "State of Cloud-native Security" Report 2026, 97% of the companies surveyed with hybrid cloud environments reported security incidents within a year. This is based on data from around 600 IT specialists.
read more...