SYDNEY, Australia โ February 20, 2024 โย Arctic Wolf, a global leader in security operations, today published its annual Arctic Wolf Labs Threat Report. Insights from the report reveal a year filled with cybercrime groups significantly increasing ransom demands, continuing to exploit well-known vulnerabilities that pre-date 2023, and executing business email compromise (BEC) schemes on a massive scale.
Created with threat, malware, digital forensics, and incident response case data that Arctic Wolf collects across the entire security operations framework, the Arctic Wolf Labs Threat Report delves deep into the cybercrime ecosystem, highlighting current global threat trends and offering strategic cybersecurity recommendations for the year ahead. The report serves as a key resource for cybersecurity, IT, and business leaders looking to gain a deep understanding of the global cybercrime landscape so that they can better protect their organisations from advanced cyber threats.
โBy helping to end cyber risk for thousands of customers around the globe, Arctic Wolf Labs has access to an unmatched amount of data that allows us to provide deep and differentiated insights about the cybercrime landscape for both security practitioners and business leaders alike,โ said Mark Manglicmot, senior vice president of security services, Arctic Wolf. โNot only do our findings from this report provide valuable insights to the cybersecurity community, but they also serve as a direct input to the threat detection models contained within the Arctic Wolf Security Operations Cloud, that ensures we are able to defend our customers against cyber threats of all shapes and sizes.โ
Key findings from the Arctic Wolf Labs Threat Report include:
- The median initial ransom demand rose 20% year-over-year to $600,000; with Legal, Government, Retail, and Energy industries each seeing median demands of $1 million or more.
- Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
- Vulnerabilities first disclosed in 2022 or earlier continue to account for nearly 60% of incidents where the root cause was the exploitation of an externally accessible system.
- Manufacturing, Business Services, and Education/Non-Profit were the top three industries to appear on ransomware leak sites.
“The volume of cyber incidents continues to increase each year. As we enter 2024, the wide scale availability of AI tools has the potential to supercharge the ability of cybercriminals to successfully exploit vulnerabilities,โ said Catherine Lyle, SVP of Cyber Claims & Incident Response at Tokio Marine HCC โ Cyber & Professional Lines Group, a member of the Tokio Marine HCC group of companies based in Houston, Texas. โResources like the Arctic Wolf Labs Threat Report assist carriers and businesses in understanding the current and future cybersecurity landscape. When used properly, this type of data can permit an organisation to respond with appropriate vulnerability management, giving it a proven edge in safeguarding its sensitive systems and data.ย In turn, this makes it easier for the organisation to mitigate any future harm by obtaining cyber insurance.โ
Arctic Wolf Labs brings together Arctic Wolfโs elite security researchers, data scientists, and security development engineers together with a unified goal to help end cyber risk for organisations around the globe. Leveraging the trillions of security events the Arctic Wolf Security Operations Cloud ingests, parses, enriches, and analyses each week, Arctic Wolf Labs is responsible for deliver cutting-edge threat research on new and emerging adversaries and leveraging machine learning and artificial intelligence to create advance threat detection models that drive continuous improvement in the speed, scale, and detection efficacy of Arctic Wolfโs security operations solutions.
For additional insights from the 2024 Arctic Wolf Labs Threat Report, visit arcticwolf.com to download the full report.
Additional Resources
- Join the conversation with Arctic Wolf onย Facebook,ย Twitter,ย LinkedIn, andย YouTube
- Visitย arcticwolf.comย to learn more aboutย ourย security operations solutions
- If youโre ready to get started,ย request a demo,ย get a quote, orย conduct a Security Operations Maturity Assessment
- Want to join Arctic Wolfโs Partner Program?ย Apply today
About Arctic Wolf
Arctic Wolf is a global leader in security operations, enabling customers to manage their cyber risk in the face of modern cyber-attacks via a premier cloud-native security operations platform. The Arctic Wolf Security Operations Cloud ingests and analyses more than 4.6 trillion security events a week to help enable cyber defence at an unprecedented capacity and scale, empowering customers of virtually any size across a wide range of industries to feel confident in their security posture, readiness, and long-term resilience. By delivering automated threat protection, response, and remediation capabilities, Arctic Wolf delivers world-class security operations with the push of a button so customers can defend their greatest assets at the speed of data.
Media Contact
Espresso Communications
Olivia Hammond
arcticwolf@espressocomms.com.au
+61 423 177 005