Attackers Continue to Shift Delivery Methods
Mimecast report indicates attackers move towards using links and QR codes to get around defenses
Key Points
- Mimecast has released the second edition of its Global Threat Intelligence Report, covering the fourth quarter of 2023.
- Faced with an ever-changing threat landscape, IT administrators, executives, and even end-users can benefit from the global insights delivered in this latest report on cyber resilience from Mimecast.
- The report delivers threat intelligence key findings for the period, including what sectors were most targeted, attackers’ preferred delivery methodology, as well as the key insights organizations need to protect their communications, people, and data.
Mimecast has released the second edition of its Global Threat Intelligence Report. Covering the fourth quarter of 2023, the report is designed to deliver the key insights needed to help organizations of any size protect their communications, people, and data.
Faced with an ever-changing threat landscape, IT administrators, executives, and even end-users can benefit from the global insights delivered in this latest report on cyber resilience from Mimecast.
Threat Intelligence Key Findings
In the current reporting period, readers will discover:
- The sectors that experienced the most attacks in the fourth quarter of 2023 were financial institutions; travel, hospitality, and catering; and human resources and recruitment services.
- Attacks were driven by ransomware, data theft, and business email compromise (BEC).
- Across all industries, average users at small and medium-sized firms encountered more than twice the number of threats as those at large companies.
- For the first time, the average user was more likely to encounter a malicious link than a malicious attachment in Q4 2023. In the past, attackers were more likely to use known malware to deliver payloads.
Geopolitical Tensions
Geopolitical tensions have increased, leading to more cyberattacks with more than 100 hacker groups claiming participation in the Israel-Gaza conflict alone. Nation-states are using cyber operations to gather intelligence on rival governments and attack critical infrastructure and information systems.
Generative AI
In addition, attackers are using generative AI and machine-learning models to create more convincing phishing lures and translate attacks into other languages. Technical threat indicators, such as domain reputation, browser isolation, and malware analysis, will be increasingly necessary to block attacks.
QR Codes
A surge in quishing, or using QR codes to obfuscate links, has continued, serving the same purpose as URL shortening schemes but with an additional benefit to attackers, as victims have already become acclimated to snapping pictures of QR codes.
Ransomware
Ransomware and breach-for-ransom campaigns continued to grow in Q4 2023, with one of the larger groups, ALPHV Blackcat, compromising more than 1,000 victims with ransomware and data extortion and reaping more than $300 million in ransom payments by the end of the quarter.
A Threat Intelligence Report Designed to Deliver Key Insights
This latest report from Mimecast distills insights from intelligence generated through the three-month period by our products and research team, combined with external intelligence from the cybersecurity community. The report includes in-depth analysis of threat activity, a series of top-line statistics that shaped the activity, as well as recommendations for what organizations can do to mitigate the risk those threats pose.
Read the Full Report
We invite you to explore our Q4 2023 threat intelligence report and look forward to sharing more insights in the future.
Subscribe to Cyber Resilience Insights for more articles like these
Get all the latest news and cybersecurity industry analysis delivered right to your inbox
Sign up successful
Thank you for signing up to receive updates from our blog
We will be in touch!