Report finds two-step phishing attacks increasing; Beep malware top of mind for organizations; state-sponsored cyber-espionage on the rise
PLANO, TX, June 13, 2023 – Today, Critical Start, a leading provider of Managed Detection and Response (MDR) cybersecurity solutions, released its biannual Cyber Threat Intelligence Report, featuring the top threats observed in the first half of 2023, and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government (SLED) industries. The report also includes actionable insights to help organizations strengthen their security posture and proactively mitigate potential risk.
The cyber threat landscape is constantly evolving, and threat intelligence is essential for identifying and responding in real-time. Cybercrime has become the world’s third largest economy, and estimated to generate $8 trillion (about $25,000 per person in the US) by the end of 2023. The Critical Start Cyber Threat Intelligence (CTI) team analyzed a range of intelligence sources, such as customer data, open-source intelligence, vulnerability research, social media monitoring, and dark web monitoring to identify the most pressing cybersecurity threats of the first half of 2023.
Key report findings include:
- The Critical Start Security Operations Center (SOC), which monitors millions of endpoints with over 80,000 investigations a week, saw increases overall in the number of investigated alerts, alerts escalated to customers, and alerts that were of high or critical priority. In the first quarter of 2023, the SOC saw a 38.88% increase in the number of high or critical priority alerts escalated to customers over the previous quarter.
- Two-step phishing attacks are on the rise, with attackers using convincing emails that resemble legitimate vendor communications, often related to electronic signatures, orders, invoices, or tracking information.
- The new Beep malware is top of mind for organizations and individuals. This pervasive threat is delivered via email attachments, Discord, and OneDrive URLs.
- State-sponsored cyber espionage is becoming increasingly common, with threat actors operating out of Russia, potentially India, and the Asia-Pacific (APAC) region.
“We are continuing to observe an unyielding surge in the volume of cyberthreats, including advanced malware, botnets, ransomware, cryptojacking, and more,” said Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start. “While many of these attack trends are troubling, there are a number of things organizations can do to reduce their risk, such as investing in security awareness programs, updating security protocols, working with trusted partners to address vulnerabilities, and partnering with an MDR vendor like Critical Start.”
As a part of the Critical Start Cyber Research Unit (CRU), Critical Start CTI continuously monitors emerging threat developments and vulnerabilities while collaborating with the Security Engineering and SOC teams to implement new detections that reduce the risk of a breach by expanding MITRE ATT&CK threat coverage for our customers. For future updates on emerging threats, follow the Critical Start Intelligence Hub.
About Critical Start
Today’s enterprise faces radical, ever-growing, and ever-sophisticated multi-vector cyber-attacks. Facing this situation is hard, but it doesn’t have to be. Critical Start simplifies breach prevention by delivering the most effective managed detection and incident response services powered by the Zero-Trust Analytics Platform® (ZTAP®) with the industry’s only Trusted Behavior Registry™ (TBR) and MOBILESOC®. With 24x7x365 expert security analysts, and Cyber Research Unit (CRU), we monitor, investigate, and remediate alerts swiftly and effectively, via contractual Service Level Agreements (SLAs) for Time to Detection (TTD) and Median Time to Resolution (MTTR), and 100% transparency into our service. For more information, visit criticalstart.com. Follow Critical Start on LinkedIn, Twitter, Facebook, Instagram.
