Security researchers have released the 2024 Incident Response Report, which paints a worrying picture of increasing cyber threats. The insights are based on data that Unit 42 collects through its daily work: The incident response and threat intelligence teams help companies assess, respond to and recover from cyberattacks.
The 2024 Incident Response Report shows that threat actors are becoming more sophisticated: they are more organized, work in specialized teams for different steps of attacks, and use IT, cloud and security tools. They work more and more efficiently as they use processes and playbooks to achieve their goals more quickly. At the same time, attackers benefit from new AI capabilities.
The most important findings of the report
- Threat actors primarily exploited unpatched vulnerabilities in web applications and Internet-enabled software as an attack vector, with compromised credentials and phishing coming second and third.
- As soon as attacker Once a company has been penetrated, they only need two days to steal sensitive data. There were nine days left in 2021. In 45 percent of cases, attackers exfiltrated the data in less than a day after the compromise. In almost half of the cases, companies have to react within a few hours to stop the attackers.
- After payment has been made Only 68 percent of the attackers kept the promises they made in connection with the ransom demand. According to Unit 42, harassment (27 percent in 2023 vs. <1 percent in 2021) and data theft (82 percent in 2023 vs. 40 percent in 2021) were increasingly common among companies that made a payment.
- Unit 42 has a rise The number of incident response incidents related to the cloud increased by around 10 percent from 6 percent in 2021 to 16,6 percent in 2023.
About Palo Alto Networks Palo Alto Networks, the global leader in cybersecurity solutions, is shaping the cloud-based future with technologies that transform the way people and businesses work. Our mission is to be the preferred cybersecurity partner and protect our digital way of life. We help you address the world's biggest security challenges with continuous innovation leveraging the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are the leaders in protecting tens of thousands of businesses across clouds, networks and mobile devices. Our vision is a world where every day is safer than the one before.
Matching articles on the topic