Flashpoint report shows Australia among ‘most targeted countries’ for ransomware...

Friday, 18 August 2023 11:29

Flashpoint report shows Australia among ‘most targeted countries’ for ransomware attacks in July Featured

By Gordon Peters

Risk intelligence company Flashpoint has published its July Cyber Threat Intelligence Index which shows Australia was in the top 10 countries for ransomware attacks last month.

Ransomware
In its July Cyber Threat Intelligence Index, Flashpoint’s latest ransomware infographic paints a “sobering picture” of the evolving threat landscape, with cybercriminals employing increasingly sophisticated tactics. In July, Flashpoint recorded a total of 515 ransomware attacks.

Clop was the most prolific ransomware group, being responsible for nearly 33 per cent of July’s recorded ransomware attacks. The United States experienced the most ransomware events, accounting for 48 per cent of all July’s recorded ransomware attacks, while Australia ranked eighth. Internet Software and Services continues to be the most targeted industry, followed by Construction & Engineering, and Professional Services.

“We're consistently still seeing Australia among the most targeted countries in the world for ransomware attacks,” said Ben Gestier, Senior Intelligence Analyst and Team Lead APAC/EMEA, Flashpoint. “Safeguarding company assets from ransomwares is crucial for Australian businesses, who should all implement or constantly update their own threat readiness and response plans in order to prevent loss, service disruptions, and lasting damage.”

Vulnerability Intelligence
1,994 new vulnerabilities were reported in July, with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD).

36 per cent of July’s disclosed vulnerabilities are rated high-to-critical in severity. If exploited, these issues could pose a significant security risk. Over 56 per cent of last month’s vulnerabilities are remotely exploitable. This means that if leveraged, threat actors can execute malicious code no matter where the device is located.

Vulnerability Management teams can potentially lessen workloads by 90 per cent by focusing on actionable, high severity vulnerabilities. This classification is given to vulnerabilities that are remotely exploitable, that have a public exploit, and a viable solution.

Data Breaches
Studying breach events can help CISOs and security teams better understand the goals and motivations of threat actors. In July, Flashpoint recorded 529 data breach events and threat actors stole a total of 481.2 million records.

Organisations in the United States accounted for more than 64 per cent of July’s recorded data breaches. Unauthorised access, or hacking was the leading cause of data breaches in July, being responsible for over half of recorded data breach events.

Malware
Flashpoint has looked at the latest malware trends: which types of malware threat actors favour, how they get access into a victim’s systems, and what cybercriminals do once they gain a foothold.

Trojans were the most widely used malware type in July’s recorded cyberattacks. In particular, the cobaltstrike malware family accounted for 33.22 per cent of July’s top five indicators of compromise. The most favoured MITRE ATT&CK tactic was Command and Control.

Insider Threat
The tactic of recruiting insiders has become immensely popular amongst threat actors aiming to breach systems and/or commit ransomware attacks.

In July, Flashpoint analysts collected 7,055 posts advertising insider services – both from threat actors seeking insiders and malicious employees offering their services. Of those, 1,121 were unique posts from individuals in illicit and underground communities.

The Telecom, Financial, and Retail industries were the most targeted sectors for insider threats in July. The majority of insider threat related postings originated from insiders advertising their services to outside threat actors. Most of this activity came from the Telecom sector.

Read 1011 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

GARTNER MARKET GUIDE FOR NDR 2022

You probably know that we are big believers in Network Detection and Response (NDR).

Did you realise that Gartner also recommends that security teams prioritise NDR solutions to enhance their detection and response?

Picking the right NDR for your team and process can sometimes be the biggest challenge.

If you want to try out a Network Detection and Response tool, why not start with the best?

Vectra Network Detection and Response is the industry's most advanced AI-driven attack defence for identifying and stopping malicious tactics in your network without noise or the need for decryption.

Download the 2022 Gartner Market Guide for Network Detection and Response (NDR) for recommendations on how Network Detection and Response solutions can expand deeper into existing on-premises networks, and new cloud environments.

DOWNLOAD NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!