- New Mandiant Research claims that cyber criminals are becoming more and more financially motivated
- The financial industry is the top target of hackers
- These hackers use exploits and stolen credentials to access
New research from Mandiant has claimed that financially motivated actors are the new norm, with over half (55%) of threat groups active in 2024 who want to pressure or steal money from their victims, a steady increase from previous years.
Not surprisingly, Ransomware represented -related events 21% of all intrusions by 2024 and made up nearly two -thirds of events involving income techniques. This comes along with data theft, cryptocurrency -theft, e -mail comroms and the North Korean fake job campaign -all for the purpose of getting money from the victims.
Utilizations were again the most popular initial infection vector at 33%, followed by stolen credentials (16%), phishing (14%), web compromes (9%) and prior compromises (8%). This is not the first research to suggest that phishing attacks and stolen credentials increased by 2024 and outlined the popularity of tactics.
Financing in danger
Financing was the most commonly targeted industry, where just over 17% of the attacks hit the sector. Close to the back are business and professional services (11%) as well as critical industries and high technology (10%), governments (10%) and healthcare (9%).
The fact that so many industries are targeted so far, illustrates that no one is safe against state -sponsored attacks, whether financially or politically motivated.
“Economically motivated attacks are still the leading category,” explains Stuart McKenzie, CEO Mandiant Consulting EMEA.
“While ransomware, data theft and multifaceted extortion are and will continue to be significant global cybercrime problems, we also track the increase in the adoption of infoTeals -Malware and the development of utilization of web3 technologies, including cryptocurrencies.”
“The rising sophistication and automation offered by artificial intelligence further aggravates these threats by enabling more targeted, evasive and widespread attacks. Organizations need to proactively gather insight to stay ahead of these trends and implement processes and tools to continuously collect and analyze panty from different sources.”
