Jeffrey Wheat, CTO of Lumu Technologies, joins Carashsoft to provide an analysis of the top cyber attack vectors in 2024, highlighting a statistical tie between phishing and infostealers as the primary threats. He explains that modern cybercriminals are motivated by both financial gain and geopolitical interests, leading them to target infrastructure like schools, healthcare, and government agencies where the value of data, such as student records, is exceptionally high.
Takeaways
- Vector Statistical Tie: Research shows a near-even split in attack vectors between fishing (52%) and info stealers (48%) targeting Lumu’s customer base.
- High Value of Student Data: Education is a top target because student records have a longer shelf life for identity theft; students typically do not check their FICO scores for over a decade.
- Supply Chain Targeting: Attackers are increasingly targeting IT and software providers to exploit “magic keys” that grant access to multiple organizations simultaneously, as seen in the HAFNIUM/Microsoft Exchange exploit.
- EDR Bypassing: Attackers use AI to rapidly modify exploits and bypass the behavioral analysis patterns used by Endpoint Detection and Response (EDR) tools.
- Human vs. Mechanical Detection: Lumu’s “Compromise Radar” distinguishes between mechanical attacks (symmetrical patterns on a 24-hour clock) and human intruders (asymmetric patterns), signaling when a threat actor is manually persisting in a network.
