In the first quarter of 2023, the Trellix Advanced Research Center (ARC) unveiled a comprehensive CyberThreat Report, delivering crucial insights into the evolving global threat landscape. The study analyses the key challenges faced by CISOs and SecOps teams, examines the global cybersecurity landscape, and explores significant security incidents.
According to the report, 96% of CISOs have identified outdated technology as a significant factor that undermines cyber resilience. This figure underscores the imperative for organizations to upgrade their technology infrastructure to bolster their defenses against the increasing wave of cyber threats.
From a broader perspective, the global cybersecurity landscape has been dominated by ransomware attacks and critical infrastructure incursions. Strikingly, Chinese-affiliated threat groups have been particularly active, contributing to nearly 80% of all nation-state activity.
In the key security incidents examined, threat actors were found to exploit Windows PowerShell and file transfer tools, each accounting for 34% of the attacks. The exploitation of third-party tools and “living off the land” binaries has also been a notable trend.
Fabien Rech, SVP and GM EMEA at Trellix, offers a UK-centric perspective on how critical infrastructure continues to be an attractive target for cybercriminals. Rech points out that in Q1 2023, the insurance sector emerged as the most targeted by ransomware groups, accounting for 20% of attacks.
Yet, from a nation-state perspective, the energy, oil, and gas sectors have seen the most detected attacks. This shift in sectoral targeting underscores the dynamic and adaptable nature of cyber threat actors, who in Q4 2022 were primarily targeting the transport and shipping sector.
The government sector, meanwhile, has been the most impacted by malicious emails, comprising 11% of attacks in Q1 2023. In contrast, the telecoms industry was the most targeted in the previous quarter, accounting for 42% of malicious email campaigns.
The report’s findings reaffirm the need for organizations across all industries to bolster their defenses in anticipation of sophisticated attacks. The sentiment is echoed by UK CISOs, 96% of whom agree that they need better solutions to protect their entities from cyber threats.
In conclusion, implementing a security architecture that readily adapts to emerging threats can significantly enhance an organization’s resilience against cyberattacks, minimizing disruption and ensuring operational continuity. The CyberThreat Report by Trellix ARC provides a valuable compass for navigating the challenging landscape of cyber threats, enabling organizations to stay ahead of the curve and maintain robust security postures.