Cybercriminals continue to evolve their strategies, adapting to more robust security defenses while prioritizing data exfiltration, and refining their business email compromise (BEC) scams, according to a report released Wednesday by cybersecurity firm Arctic Wolf Networks Inc.
Data theft was a component in nearly every ransomware incident analyzed, with a striking 96% of cases involving the illicit acquisition of information. Furthermore, three key types of cybersecurity incidents – ransomware (44%), BEC (27%), and intrusions (24%) – comprised a significant 95% of all incident response cases. Despite increased law enforcement efforts, median ransomware demands remain substantial, averaging $600,000, “demonstrating that ransomware remains a lucrative business for cybercriminals,” the report stated.
The finance and insurance sectors were particularly vulnerable to BEC attacks, accounting for a notable 53% of incident response cases. This made BEC the dominant threat in this specific area, surpassing ransomware. Specifically, the finance and insurance industry bore the brunt of 26.5% of all BEC incident response cases, which is roughly double the 13.3% experienced by the legal and government sector, which was in second place based on the report’s data.
“We see evidence that threat actors are adapting to target stronger cybersecurity postures by looking for novel methods of attack or embracing low-tech — but effective — means of bypassing high-tech safeguard,” the report concluded.
