Huntress Releases 2024 Cyber Threat Report, Highlights Increased Targeting of Healthcare and Other Vital Industries
22 Mayo 2024 - 7:00AM
Huntress unveiled its 2024 Cyber Threat Report today. Delivering
insightful reporting on emerging cyber threats and tradecraft
targeting small businesses and mid-sized enterprises, Huntress
highlights ways threat actors showed their true colors. One of the
most unique findings is an emerging trend toward attackers using
smaller enterprises as testbeds before deploying similar attacks
into larger enterprises.
“We saw that no business or industry is ‘off the table’ for
attackers,” said Jamie Levy, Director of Adversary Tactics for
Huntress. “Last year, our inaugural threat report highlighted that
attackers attempted to avoid detection by blending in and
increasing account takeover tactics like business email compromise.
We observed that hackers continue to move covertly, exploiting
trusted tools and services and hitting vulnerable industries once
considered safe with ransomware attacks.”
Key Takeaways:
- Hackers are Hiding in Plain Sight
- 79% of cloud storage misuse incidents involved Microsoft
OneDrive, followed by 18% of incidents involving Google Drive and
3% involving Dropbox, as attackers use these services to distribute
malware or exfiltrate data.
- Threat actors are weaponizing off-the-shelf software tools to
hide their activity and gain remote access to key systems. Of the
tools leveraged for malicious activity, 36% were RMM tools,
including 15% of ScreenConnect and 12% of Atera. Additionally, 64%
of tools leveraged for malicious remote access were Remote Access
Trojans (RATs) due to their ease of installation and leaving little
traces on the endpoint.
- Ransomware Threats are Surging
- Late last year, DarkGate ransomware jumped by 880% in the
months immediately after the US Department of Justice-led takedown
of the Qakbot malware distribution and control network. In fact,
several ransomware variants spiked in the months after Qakbot, with
Akira spiking 501% and LockBit spiking 102%, showing just how
quickly cybercriminals can adapt strains to exploit new
targets.
- No Healthcare Target is Sacred
- The days of healthcare being an “untouchable” sector are over.
2023 highlights how healthcare organizations are prime targets for
ransomware and business email compromise as attackers find new ways
to extract patient data and take critical systems offline.
- Healthcare organizations face a range of cyber threats. In
2023, the top threats against healthcare organizations were 21%
Trojans, 14% RATs, and 11% initial access. While some of these
threats might initially seem harmless, they often pave the way for
more serious issues, such as ransomware.
- The top ransomware variants targeting the healthcare sector
were 29% Dharma, 17% DarkGate, and 15% LockBit.
- Business email compromise attacks against healthcare included
manipulating mailbox rules, bypassing location settings via VPN or
proxy, attacks on MFA, and unauthorized logins. In 2023, 34% of the
threats involved malicious mailbox rules in Microsoft 365, and 26%
used a VPN or Proxy.
The Huntress threat research team details their findings in this
report, leveraging the same data from the Huntress Managed Security
Platform to provide new and valuable insights to arm businesses and
their MSPs with new ways to mitigate risk and build more cyber
resilience.
Additional resources:
- Read part I of the III part series covering Huntress’
findings
- Download the full report
About HuntressHuntress is a leading
cybersecurity company focused on protecting and empowering small
businesses to mid-sized enterprises. Combining the power of the
Huntress Managed Security Platform with a human-led 24/7 Security
Operations Center (SOC), Huntress provides the top-rated
technology, services, education, and expertise needed to help
companies overcome cybersecurity challenges and protect critical
business assets. For more information about Huntress, visit
www.huntress.com and follow us on Twitter, Instagram, Facebook and
LinkedIn.
Contacts:Valerie Bacceipress@huntresslabs.com
+1 (650) 400-7833