Here is one cybersecurity trend that most will agree with: things are not getting easier. But the Lumu Compromise Report 2024 also makes it clear that there is hope.
This year has seen a broad variety of attacks and breaches in the cyber world, and the new Lumu Compromise Report 2024 reveals just how these attacks were carried out, as well as the countries and industries that have been targeted.
The report tells the story of how hackers continue to gain access, especially using infostealers and ransomware to exploit vulnerabilities, and what to look out for to defend against the onslaught.
While it is difficult to whittle down this in-depth report to just three takeaways, we have pulled out three topics that are essential reading for anybody worried about defense.
Infostealers: Targeting the USA
One significant cybersecurity trend for 2024 has been that infostealers are disproportionately targeting the USA. Infostealers are designed to extract sensitive information that can then be used or sold for malicious intent, such as financial gain, identity theft, or to further compromise your organization
58.3% of infostealer attacks recorded by Lumu were in the USA, making it by far the biggest target of any country in the region — why
Generally, the motivator for these infostealer attacks is financial. As the biggest economy in the world, and amongst the most technologically advanced, the USA is an obvious target for financial cyberattacks.
Credentials stolen through infostealers are often exploited, or sold on the dark web, as a gateway to deliver ransomware.
Ransomware: Going for the Underbelly
While we’ve recorded ransomware attacks in pretty much every sector of society, one worrying cybersecurity trend is that cyberattackers are targeting some of the most valuable and sensitive sectors in society.
Amongst the top sectors affected, as you can see in the above graphic, are fundamental pillars of everyday life in the USA.
Government has been particularly under siege, with attackers not only targeting public funds but also looking to disrupt critical infrastructure. On top of financial gain, there is a geopolitical element to this with increased action from foreign actors opposed to the US. Alongside government, attacks on sectors such as manufacturing, construction, and energy are also designed to disrupt daily life and infrastructure.
Traditionally considered morally off-limits to attackers, education establishments and healthcare are big targets for cybercriminals, directly affecting some of the most vulnerable in society. These sectors have had to rapidly improve their cybersecurity position to avoid breaches — which can prove devastating, especially to smaller education and healthcare establishments.
Explore our blog for more posts about Cybercrime in the Education Sector and check out our K–12 Cybersecurity Tips.
Breaking Through the Traditional Defenses
One worrying cybersecurity trend — but one that is potentially the clue to how to defend against the attackers — is that cybercriminals are often managing to evade the traditional security stack.
Whether perimeter defenses, endpoint security, or email security, the report shows evidence that hackers are increasingly able to get past them.
This implies there are two approaches that you can — and must — add to your traditional security stack to properly defend against today’s attacks: threat-informed defense and network visibility.
Threat-Informed Defense
As a defender, being well-informed of current attack vectors and knowledgeable about the latest trends, can be critical to stay one step ahead of an attack. The Lumu Compromise Report 2024 highlights the MITRE ATT&CK® Matrix, and how it can be used to understand indicators of compromise when they appear.
Network Visibility
A cyberdefense tool that is constantly looking at the network level and observes and understands anomalies on network traffic is the best way to catch any threat actors that break through traditional defenses. These tools can detect and respond to dangers and ensure that attacks are contained and dealt with, which otherwise may have gone undetected until too late.
Find out More About 2024 Cybersecurity Trends
Being ahead of threats means knowing the current trends in cybersecurity has become an essential part of keeping organizations safe in recent years.
The Lumu Compromise Report 2024 dives into topics such as the most prominent families of infostealers and ransomware that you should be aware of. It also highlights the MITRE ATT&CK trends from this year and how they can be used to strengthen your security stack.
Read more in the Lumu Compromise Report 2024