Tuesday, November 29, 2022
Secureworks State of the Threat Report 2022: 52% of ransomware incidents over the past year started with compromise of unpatched remote services

Analysis of the cyber threat landscape from the Secureworks® Counter Threat Unit™ highlights key shifts in the tools and behaviors of adversaries across the world

ATLANTA, Oct. 4, 2022 /PRNewswire/ -- Secureworks® (NASDAQ: SCWX) published its annual State of the Threat Report today, revealing that exploitation of remote services has become the primary initial access vector (IAV) in ransomware attacks over the past year, accounting for 52% of ransomware incidents analyzed by Secureworks over the period (overtaking credentials-based attacks from 2021). Alongside this, there has also been a 150% rise in the use of infostealers, making them a key precursor to ransomware. Both these factors keep ransomware the primary threat for organizations, which must fight to stay abreast of the demands of new vulnerability prioritization and patching.

www.secureworks.com

The 2022 State of the Threat Report from Secureworks provides an overview of how the global cybersecurity threat landscape has evolved over the last 12 months, with a focus on the first-hand observations of threat actor tooling and behaviors made by the Secureworks Counter Threat Unit™ (CTU).

"We conduct thousands of incident response engagements every year. While ransomware remains the most prominent threat to businesses, we are tracking notable shifts in threat actor behaviors and their approach to campaigns. It's too simple to claim that ransomware as a service is slowing. Our research clearly shows a rise in Infostealer use and an evolution of tools and adversaries. The threat is changing, but it is not going away," states Barry Hensley, chief threat intelligence officer, Secureworks. "It's critical for organizations to stay ahead of the adversary with solutions that effectively prioritize risk, based on the most up-to-date intelligence. When businesses understand the nature of the threat, they can better focus resources and move quickly to optimize response."

Highlights from the Report Include:

  • Shift to exploiting vulnerabilities as primary initial access vector (IAV) over credentials-based attacks
  • Accelerated use of Infostealers as a means of enabling ransomware operations
  • Insights into the changing groups and threats associated with the continued dominance of ransomware
  • Changes and newcomers in the loader landscape
  • Tools and tactics of hostile government-sponsored groups across the world

The Onward March of Ransomware

Ransomware remains the primary threat facing organizations, accounting for more than a quarter of all attacks. Despite a series of high-profile law enforcement interventions and public leaks, and a small slowdown over the summer months, ransomware operators have maintained high levels of activity.

The median detection window in 2022 is four and a half days, compared to five days in 2021. The mean dwell time in 2021 was 22 days, but so far in 2022 it is down to 11 days. Companies effectively have one working week to respond to and mitigate damage.

The number of victims listed on public "Name and Shame" sites continues to remain high with no year-over-year reduction. Despite some monthly fluctuations, the number of victims named in the first six months of 2022 is slightly higher at 1,307 than the 1,170 named in the first six months of 2021.

This year's Biggest Offenders based on Secureworks' incident response engagements are GOLD MYSTIC, GOLD BLAZER, GOLD MATADOR and GOLD HAWTHORNE. Notably, all of these groups are tied to Russia.

In some instances, adversaries are making use of the fear surrounding ransomware to undertake lower-tech crimes. Hack-and-leak operations, where data is stolen and a ransom is demanded but no ransomware is deployed, continued into 2022, with GOLD TOMAHAWK and GOLD RAINFOREST among the top culprits.

Vulnerabilities in Remote Services become the Biggest Issue

The 2022 State of the Threat Report from Secureworks also highlights that exploitation of vulnerabilities in internet-facing systems has become the most common initial access vector (IAV) observed. This is a change from 2021, when the dominant IAV was the use of stolen or guessed credentials.

As new vulnerabilities are discovered, developers of widely available offensive security tools used by threat actors are quick to incorporate new vulnerabilities into their tools, often meaning that even less sophisticated threat actors are able to exploit new vulnerabilities before security teams can patch.

The Rise of Infostealers

CTU researchers have seen an increase in the sale of network access sourced from credentials acquired by information stealers. In a single day in June 2022, CTU™ researchers observed over 2.2 million credentials obtained by Infostealers available for sale on just one underground marketplace; last year this figure on the same market with respect to the same stealers was 878,429. That's an increase year on year of over 150%.

The three main stealer markets are Genesis Market, Russian Market and 2easy. There is a plethora of stealers for sale on underground forums, but some of the major ones include Redline, Vidar, Raccoon, Taurus, and AZORult.

Infostealers provide the means to quickly and easily obtain credentials that can be used for initial access, making them a major enabler of ransomware operations. Innovative distribution methods for Infostealers have included cloned websites and trojanized installers for messaging apps such as Signal.

A Change in the Loader Landscape

Between July 2021 and June 2022, two big names in the loader landscape disappeared (Trickbot and IcedID) and two returned (Emotet and Quakbot). This indicates that groups are moving away from the complex, fully featured botnets that evolved from the early banking trojans towards more lightweight loaders that are easier to develop and maintain – a trend that has only increased with the use of post-exploitation tools such as Cobalt Strike.

Understanding the Nation-state Threat

The Secureworks CTU has tracked several significant activities which can be attributed to nation-state sponsored threat groups, including their motivations, behaviors and tactics:

  • China: Chinese government sponsored groups are some of the most prolific and well-resourced threats in cybersecurity. Over the course of the ongoing Russia/Ukraine conflict, observed threat activity from Chinese government sponsored groups has targeted both Russia and Ukraine. A notable behavior from these adversaries is the use of ransomware as a smokescreen for intellectual property theft and cyberespionage, rather than for financial gain.
  • Russia: The war against Ukraine has been revealing for Russia's cyber capabilities. At the outset of the conflict there were wide fears of destructive attacks with wide scale repercussions as was seen with NotPetya in 2017. However, despite a steady cadence of cyber activity directed against Ukrainian targets, some of which is identifiably from Russian government-sponsored threat actors, no widely disruptive attacks have been successful. The most visible Russian threat group tracked by the CTU over the past year has been IRON TILDEN. This group is notable for spearphishing attacks conducted primarily against Ukraine but also against Latvia's parliament in April.
  • Iran: Links of Iranian threat groups to government have become clearer over the past year. Ransomware continues to develop as a theme across Iranian threat group activity although often it appears with the purpose of disruption rather than financial gain. Over the past year Secureworks incident responders have investigated COBALT MIRAGE ransomware attacks against organisations in Israel, the US, Europe and Australia and the team was able to identify the individuals behind the group.
  • North Korea: Multiple ransomware families have been linked to North Korea over the past 12 months, including TFlower, Maui, VHD Locker, PXJ, BEAF, ZZZZ, and ChiChi. The continued emergence and evolution of these ransomware families strongly suggests it is a stream of revenue that operators in the region will continue to pursue. Cryptocurrency and decentralized finance organizations have been a major focus of activity, and North Korean threat groups have reportedly stolen over $200 million USD from crypto exchanges since 2018.

State of the Threat 2022

The Secureworks CTU 2022 State of the Threat Report can be read in full here: https://www.secureworks.com/resources/rp-state-of-the-threat-2022

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers' ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Connect with Secureworks via Twitter, LinkedIn and Facebook, and read the Secureworks Blog.


Cision View original content:https://www.prnewswire.co.uk/news-releases/secureworks-state-of-the-threat-report-2022-52-of-ransomware-incidents-over-the-past-year-started-with-compromise-of-unpatched-remote-services-301639388.html
