Report finds manufacturing and industrial industries as the most targeted sectors by bad actors; Use of deepfakes increases exponentially
PLANO, TX – August 22, 2024 – Today, Critical Start, a leader in Managed Detection and Response (MDR) cybersecurity solutions and a pioneer in Managed Cyber Risk Reduction (MCRR), released its biannual Cyber Threat Intelligence Report, featuring the top threats observed in the first half of 2024, and emerging cybersecurity trends impacting the manufacturing, healthcare, technology, professional services, engineering, and construction industries. The report also includes actionable insights to help organizations strengthen their security posture and proactively mitigate potential cyber risk.
Global cybercrime has shown no sign of decline and is expected to grow by 15 percent per year over the next five years, reaching $10.5 trillion annually by 2025, up from $3 trillion in 2015. To identify the most urgent cybersecurity threats of the first half of 2024, the Critical Start Cyber Research Unit (CRU) analyzed 3,438 high and critical alerts generated by 20 supported Endpoint Detection and Response (EDR) solutions, as well as 4,602 reports detailing ransomware and database leak activities across 24 industries in 126 countries.
The first half of 2024 saw a worrying trend in cyberattacks targeting specific industries and key report findings include:
- Manufacturing and Industrial Products remains the top targeted industry by cyber threat actors in H1 2024, leading with 377 confirmed reports of ransomware and database leak hits in the first half of the year
- Professional Services saw an increase in reported database leaks and ransomware attacks, jumping by 15% compared to 2023 with 351 cases reported vs. 334. Legal services organizations, including courthouses, and supply chains have become prime targets due to the wealth of intellectual property and sensitive data they possess
- Healthcare & Life Sciences ransomware and database leak incidents surged by 180% in February 2024 compared to the same period in 2023, coinciding with the attack on Change Healthcare and other healthcare providers
- Engineering and Construction remained a consistent target for cyberattacks in the first half of both 2023 and 2024 with the United States bearing the brunt of cyberattacks in the first half of 2024, experiencing a staggering 46.15% increase compared to 2023
- Technology Critical Start found a 12.75% decrease (from H1 2023) in database leaks and ransomware attacks targeting technology companies.
“The first half of 2024 has painted a concerning picture of the ransomware threat landscape. We are continuing to observe a surge in ransomware and database leak activities,” said Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start. “With bad actors becoming more sophisticated, it is vital for organizations to have a strong security culture and strategy in place. Managed Detection and Response (MDR) solutions that integrate asset inventory, endpoint controls security coverage, and MITRE ATT&CK® Mitigations, help organizations proactively mitigate risk, leading to a reduced attack surface and a more resilient security infrastructure.”
The report also highlights trending concerns for businesses, including:
- Business Email Compromise (BEC) Attacks: Previously focused on large corporations, BEC scammers are now targeting smaller, less cybersecurity-conscious businesses
- Deepfakes and Social Engineering: Findings show a surge in deepfake attacks, with an exponential 3,000% increase in deepfake fraud attempts
- Abuse of Open-Source Repositories: Attackers are increasingly using these repositories to launch two main types of attacks: repo confusion attacks and supply chain attacks
As a part of the Critical Start Cyber Research Unit (CRU), Critical Start Cyber Threat Intelligence (CTI) continuously monitors emerging threat developments and exploited vulnerabilities while collaborating with the Security Operations Center (SOC) teams to implement new detections that reduce the risk of a breach by expanding MITRE ATT&CK threat coverage for our customers. For future updates on emerging threats, follow the Critical Start Intelligence Hub.
About Critical Start
Organizations today face the challenge of optimally aligning their cyber protection measures to reduce the risk of breaches and business disruptions. CRITICALSTART® Managed Detection and Response (MDR) is the foundation to Managed Cyber Risk Reduction, which improves security operations outcomes and minimizes the probability and impact of breaches. Utilizing their Cyber Operations Risk & Response™ platform, they integrate industry-leading tools and proactive cybersecurity intelligence into the Security Operations Center (SOC) — such as comprehensive asset inventories, EDR coverage gaps, asset criticality, MITRE ATT&CK® Mitigations, and vulnerability management. Their security operations team evaluates and responds to threats, vulnerabilities, and risks, while conducting extensive threat intelligence research. Supported by a human-led risk and security operations team with over 10 years of MDR experience, Critical Start empowers businesses to protect their critical assets, demonstrating a measurable return on investment.
The platform offers maturity assessments, peer benchmarking, posture and event analytics, and robust response capabilities. This approach ensures that organizations achieve optimal cyber risk reduction for every dollar spent, enabling them to confidently reach their desired risk tolerance levels.
For more information, visit criticalstart.com. Follow Critical Start on LinkedIn, @CRITICALSTART, or on Twitter, @CRITICALSTART.
