1

Darktrace end of year threat report sees ‘shifting threats’ as MaaS and RaaS dom...

 3 months ago
source link: https://itwire.com/business-it-news/security/darktrace-end-of-year-threat-report-sees-%e2%80%98shifting-threats%e2%80%99-as-maas-and-raas-dominate.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Wednesday, 07 February 2024 14:19

Darktrace end of year threat report sees ‘shifting threats’ as MaaS and RaaS dominate Featured

By Gordon Peters

Rapid shifts in the cyber security landscape and new techniques adopted by attackers attempting to sidestep traditional defences are revealed in the 2023 End of Year threat report from Cyber security artificial intelligence provider Darktrace.

The 2023 End of Year Threat Report by Darktrace indentifIes the key threats and attack methods facing businesses observed across the past 6 months by Darktrace’s Self-Learning AI across its customer fleet, with the findings showing that as-a-service attacks continue to dominate the threat landscape - with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious tools in use by attackers.

The most common as-a-Service tools Darktrace saw in use from July to December 2023 were:

  • Malware loaders (77% of investigated threats[1]), which can deliver and execute other forms of malware and enable attackers to repeatedly target affected networks.
  • Cryptominers (52% of investigated threats), which use an infected device to mine for cryptocurrency.
  • Botnets (39% of investigated threats) enrol users in wider networks of infected devices, which attackers then leverage in larger-scale attacks on other targets.
  • Information-stealing malware (36% of investigated threats), malicious software like spyware or worms, designed to secretly access and collect sensitive data from a victim’s computer or network.
  • Proxy botnets (15% of investigated threats), more sophisticated botnets that use proxies to hide the true source of their activity.

Darktrace notes that the report - First 6: Half-Year Threat Report - also reveals a “changing of the guard”, and identified Hive ransomware as one of the major Ransomware-as-a-Service attacks at the beginning of 2023.

“With the dismantling of Hive by the US government in January 2023, Darktrace observed the rapid growth of a range of threats filling the void, including ScamClub, a malvertising actor notorious for spreading fake virus alerts to notable news sites, and AsyncRAT, responsible for attacking US infrastructure employees in recent months,” Darktrace notes.

Noting that attackers shift to advanced solutions to bypass conventional security measures, Darktrace cautions that as businesses continue to rely on email and collaboration tools for communication, methods such as phishing continue to cause a headache for security teams.

“Darktrace detected 10.4 million phishing emails across its customer fleet between the 1st September and the 31st December 2023. But the report also highlights how cybercriminals are embracing more sophisticated tools and tactics designed to evade traditional security parameters. One example is the rise of Microsoft Teams phishing in which attackers contact employees through Teams, posing as a co-worker and tricking them into clicking malicious links. In one case in September 2023, Darktrace identified a suspected Teams phisher attempting to trick users into clicking a SharePoint link that would download the DarkGate malware and deploy further strains of malware across the network.

“Another new trend identified is the growth of malware developed with multiple functions to inflict maximum damage. Often deployed by sophisticated groups like cyber cartels, these Swiss Army knife-style threats combine capabilities. For example, the recent Black Basta ransomware also spreads the Qbot banking trojan for credential theft. Such multi-tasking malware lets attackers cast a wide net to monetise infections,” the report reveals.

"Throughout 2023, we observed significant development and evolution of malware and ransomware threats, as well as changing attacker tactics and techniques resulting from innovation in the tech industry at large, including the rise in generative AI. Against this backdrop, the breadth, scope, and complexity of threats facing organizations has grown significantly,” comments Hanah Darley, Director of Threat Research, Darktrace. “Security teams face an up-hill battle to stay ahead of attackers, and need a security stack that keeps them ahead of novel attacks, not chasing yesterday’s threats.”

Download the 2023 End of Year Threat Report at darktrace.com/threat-report-2023

Read 713 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here


Lead-Machine_pink_600x260.jpg

ELASTICON SYDNEY 2024 LATEST ADVANCEMENTS IN GENERATIVE AI

On 20 February, keynote addresses from NAB, Canva, AWS, and Google Cloud, among others, will feature at ElasticON Sydney 2024.

This event will explore the latest advancements in generative AI

The one-day conference, hosted by leading search analytics company Elastic, will include networking drinks, hands-on labs, technical sessions and a stellar line-up of keynote speakers from finance, technology, and government e=sectors.

ElasticON Sydney 2024 promises to be an enriching experience with a comprehensive exploration of the latest developments in security, observability, generative AI and their real world applications

Don't miss out on this opportunity to network and find answers for what's next from your industry peers and leaders

Register for ElasticON Sydney 2024

REGISTER HERE!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK