Cybercriminal Marketplaces Thrive: A 58.16%
Spike in Dark Web Listings
COMMERCE, Mich., April 30,
2024 /PRNewswire/ -- Nuspire, a leading managed
security services provider (MSSP), today unveiled its Q1 2024 Cyber
Threat Report. This latest report provides an in-depth examination
of the changing dynamics in cyber threats, highlighting rises in
ransomware, dark web commerce and exploit activities, alongside
measures to safeguard against these threats.
Cybercriminal marketplaces have seen a
staggering 58.16% spike in dark web listings.
The Q1 2024 report spotlights a 3.69% rise in
ransomware activities from Q4 2023, punctuating the
persistent threat ransomware groups pose. Additionally, dark
web market activity saw a staggering 58.16%
increase in listings, indicating significant growth in
the trade of stolen data and illicit goods.
Exploitation events also experienced a sharp uptick,
with a 52.61% increase in total activity from Q4.
The report specifically points to
the exploitation of the Hikvision Product SDK
WebLanguage Tag Command
Injection vulnerability (CVE-2021-36260) as a leading concern.
"Nuspire's latest report underscores a critical evolution in the
cyber threat landscape, marked by a notable increase in ransomware
attacks and a surge in dark web marketplace activities. The
obscurity and easy access of the dark web facilitate the exchange
of exploit kits and confidential information, reducing the hurdles
for would-be cybercriminals and complicating the task for cyber
defense mechanisms," said J.R. Cunningham, Chief Security Officer
at Nuspire. "Considering the secretive environment of the dark web
and the difficulties in overseeing its operations, it is crucial
for companies to emphasize intelligence gathering, ongoing
surveillance and staff training to adeptly navigate these advancing
threats."
Additional findings from Nuspire's newly-released cyber
threat report:
- Despite the U.S. Department of Justice's disruption of
LockBit's operations on Feb. 20,
2024, the group's extortion publications experienced only a
temporary decline before rapidly recovering, resulting in a 1.74%
increase in LockBit's publications by the end of Q1 2024 compared
to Q4 2023.
- The manufacturing sector, crucial to supply chains and rich in
intellectual property, faced a jump in ransomware attacks from
LockBit and CL0P. The growth in attacks highlights the
vulnerabilities this industry often faces resulting from complex
IT/OT systems, underinvestment in cybersecurity and the sector's
historical prioritization of operational continuity over security
measures.
- The report also revealed a more than twentyfold increase in
exploit attempts against the Hikvision Product SDK WebLanguage Tag
Command Injection vulnerability (CVE-2021-36260) compared to Q4's data. This
vulnerability allows for remote device hijacking without user
interaction on Hikvision security cameras.
- Listings on dark web marketplaces featuring Lumma Stealer saw a
significant increase, more than doubling from Q4 2023. Lumma
Stealer emerged in 2023 and quickly became a leader in infostealing
malware.
"IDC's research highlights the dark web as a burgeoning
marketplace for cyber threats, which is particularly concerning as
it operates beyond the reach of traditional security measures,"
said Craig Robinson, Program
Director of Security Services at IDC. "In response, organizations
must extend their vigilance beyond their immediate IT environment
to include intelligence gathering and monitoring these obscure
online spaces. This proactive stance is part of a broader
imperative to embrace emerging technologies, such as post-quantum
cryptography and AI-driven security solutions, to build a resilient
and forward-looking defense against an increasingly sophisticated
and elusive threat landscape."
To access the Q1 2024 Cyber Threat Report and learn more about
protecting your organization, visit Nuspire's website.
Learn more about ways to protect against the dark web.
About Nuspire
Nuspire is a managed security
services provider (MSSP) with 25 years of expertise, offering
managed security services (MSS), managed detection and response
(MDR), and managed endpoint detection and response (EDR) that
supports best-in-breed EDR solutions. The company also offers
cybersecurity consulting services (CSC) that include incident
readiness and response, threat modeling, digital forensics,
technology optimization, posture assessments and more. Nuspire's
self-service, technology-agnostic platform, myNuspire, allows
greater visibility into a CISO's entire security program. The
platform alleviates the pain associated with tech sprawl, provides
intelligence-driven recommendations, solves for alert fatigue and
helps clients become more secure over time. With a deep bench of
cybersecurity experts, award-winning threat intelligence and two
24×7 security operations centers (SOCs) Nuspire is equipped to
detect, respond and remediate advanced cyber threats. Nuspire's
client base spans thousands of enterprises, from midsized to large
enterprises across multiple industries and geographic footprints.
For more information, visit https://www.nuspire.com/ and
follow the company on LinkedIn @Nuspire.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/nuspires-q1-2024-threat-report-exposes-dark-web-and-ransomware-surge-302131243.html
SOURCE Nuspire