Trustwave, a leading cybersecurity and managed security services provider, has released an extensive report focusing on the distinct cybersecurity challenges confronting the technology sector. The research, “2024 Technology Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” delves into risks specific to the tech industry, offering cybersecurity leaders actionable insights and strategies to fortify their defences.
Innovation fuels the technology industry, but it comes at a cost. Brimming with valuable data and intellectual property, the sector is a prime target for cyberattacks. These attacks can be catastrophic, exposing sensitive information and crippling companies. In today’s data-driven world, that’s not just a financial blow; it can shatter user trust and ripple outward, jeopardising the security of countless other businesses that rely on these technologies.
Trustwave SpiderLabs’ latest research delves into the attack flow employed by threat groups, shedding light on their tactics, techniques, and procedures. The tech sector faces a unique threat landscape due to several factors, including a vast and ever-growing attack surface. The rapid digital transformation creates a proliferation of Software-as-a Service (SaaS) providers, cloud infrastructure, and interconnected devices, often outpacing security measures.
Kory Daniels, chief information and security officer (CISO), Trustwave, said, “The continuous innovation that drives technology forward can be a double-edged sword.
“Our new research unveils the intricate network of dangers facing the tech industry. Even a minor security breach can cripple a company and cause cascading disruptions across the vital systems we rely on, including internal business operations, customer-trusted software and products, and the infrastructure supporting supply chains. To minimise risk exposure while staying ahead of threats, security needs to be embedded at every stage of the technology lifecycle.”
The Trustwave SpiderLabs report analyses threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. Focused specifically on technology infrastructure and software technology, a few key findings from the report include:
- Three ransomware groups (LockBit 3.0, Clop, ALPHV aka BlackCat) comprise over 60 per cent of the attack claims against technology organisations.
- Significant exposure of critical systems and devices with 12M devices related to the technology industry being publicly exposed (not including major cloud servers hosted by Microsoft, Amazon, Google etc.).
- Phishing remains a top threat, with almost 40 per cent of malicious PDFs impersonating well-known brands like Geek Squad, PayPal, and McAfee.
- Growing frequency of AI-generated phishing or business email compromise (BEC) emails with analysis from SpiderLabs on how they can be detected.
To access the full Trustwave SpiderLabs threat report, “2024 Technology Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” please click here.
About Trustwave
Trustwave is a globally recognised cybersecurity leader that reduces cyber risk and fortifies organisations against disruptive and damaging cyber threats.
Trustwave’s comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimises its client’s cyber investment, and improves security resilience. Trusted by thousands of organisations worldwide, Trustwave leverages its world-class team of security consultants, threat hunters, and researchers, and its market-leading security operations platform to decrease the likelihood of attacks and minimise potential impact.
Trustwave is an analyst-recognised leader in managed detection and response (MDR), managed security services (MSS), cyber advisory, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team provides industry-defining threat research, intelligence, and threat hunting, all of which are infused into Trustwave services and products to fortify cyber resilience in the age of inevitable cyber-attacks.
For more information about Trustwave, please visit: https://www.trustwave.com/en-us/.
