Dive Brief:
- Interactive intrusions, attacks involving hands-on-keyboard activities within a victim’s environment, were up 55% in the last year, CrowdStrike said last week in a threat hunting report.
- The cybersecurity vendor’s threat intelligence outfit attributed nearly 9 in 10 interactive intrusions to e-crime activity during the one year period ending June 30. Hands-on-keyboard attacks jumped 75% in the healthcare sector and 60% in the technology industry, the report found.
- The technology sector, which includes software, hardware and IT services, was the most frequently targeted industry for the seventh consecutive year, according to CrowdStrike’s research.
Dive Insight:
Technology vendors remain a high-value and opportunistic target for threat groups because of the broad reach their services have into customer environments in every sector.
Attacks against technology firms and their customers often cascade downstream, amplifying the potential impact of cyberattacks and ransomware groups’ ability to extort more victims.
A financially-motivated attacker compromised more than 100 Snowflake customers in a wave of attacks in April, resulting in widespread data theft, exposure and extortion, according to Mandiant.
The illicit financial windfall ransomware groups are banking from cyberattacks continues to grow, despite the collective efforts of cybersecurity professionals, federal cyber authorities and law enforcement to curb malicious activity.
Victim organizations paid a collective $460 million in extortion demands to ransomware groups in the first half of 2024, Chainalysis said in a Thursday report on financially-motivated criminal activity in cryptocurrency exchanges.
Ransomware payments were up 2% from the first half of last year, setting 2024 up to be “the highest-grossing year yet for ransomware payments,” Chainalysis said in its report. This year also marked the largest ransom payment ever recorded at $75 million, the report found.
During a media briefing in November, a senior Biden administration official said ransomware victims in the U.S. paid $1.5 billion in ransoms between May 2022 and June 2023. Chainalysis tracked a total of $1.1 billion in ransom payments in 2023.
Much of the increase in ransom payments is fueled by attacks targeting large businesses with the most damaging ransomware variants, according to Chainalysis. The median ransom payment to threat groups using these ransomware strains jumped from under $200,000 in early 2023 to $1.5 million in mid-June, the report found.