Identity-Based Attacks Surge; Ransomware Threats Persist in the Third Quarter of 2024
-
Identity-based operations were prevalent this quarter, with credential theft being the main goal in 25% of incident response engagements.
-
Ransomware, pre-ransomware, and data theft extortion accounted for nearly 40% of engagements.
-
Education, manufacturing, and financial services were the most affected sectors.
Dubai, United Arab Emirates: Ahead of Black Hat MEA in Riyadh from 26-28 November 2024, Cisco, the worldwide leader in networking and security, released insights into key cybersecurity trends that emerged between July and September 2024. The findings are based on analysis from Cisco Talos, one of the most trusted threat intelligence research teams globally, highlighting a notable increase in identity-based and ransomware attacks.
Over the three-month period, there was a noticeable rise in identity-based attacks, particularly with a focus on stealing credentials, which accounted for 25% of incident response engagements. These types of attacks have become easier to execute, often using readily available tools.
Ransomware incidents also remained a significant concern, making up nearly 40% of engagements. New ransomware variants, including RansomHub, RCRU64, and DragonForce, were observed this quarter, alongside familiar variants like BlackByte and Cerber.
Organizations in the education, manufacturing, and financial services verticals were most affected this quarter, accounting for over 30% of compromises. This trend aligns with what was observed in previous quarters in 2024.
Cisco is participating as a strategic sponsor at Black Hat MEA 2024 under the theme “Innovating a New Era of Security,” showcasing its latest innovations in cybersecurity. This year, Cisco is highlighting how it powers and protects the engine of the AI revolution—AI-ready data centers and clouds—to make every application and device secure no matter how they are distributed or connected.
Salman Faqeeh, Managing Director, Cisco Saudi Arabia, commented: “The mounting trends in identity-based attacks and ransomware highlight the evolving nature of cyber threats. At Cisco, we are committed to supporting our customers in strengthening their digital resilience with advanced security solutions.” He added, “Black Hat MEA continues to be a significant platform for us to share the latest threat insights and showcase our innovations that prevent identity-based attacks, detect and stop breaches, and close the exploit gap.”
Additionally, Splunk, a Cisco company, will showcase its innovations at the same booth, demonstrating solutions that support the future of Security Operations Centers (SOC) as well as specialized solutions for Operational Technology (OT) environments.
As part of Cisco’s program of events at Black Hat MEA, Lothar Renner, Managing Director, Cisco Security, EMEA, will deliver a keynote address on “Redefining Security in the Age of AI,” emphasizing Cisco’s commitment to innovation and security in an increasingly complex threat environment.
Cisco will be present at booth H1-T20 at the Riyadh Exhibition & Conference Centre in Malham from 26-28 November 2024.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
