Trustwave, a leading cybersecurity and managed security services provider, today released an extensive report focusing on the distinct cybersecurity challenges confronting the technology sector. The research, “2024 Technology Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” delves into risks specific to the tech industry, offering cybersecurity leaders actionable insights and strategies to fortify their defenses.
Innovation fuels the technology industry, but it comes at a cost. Brimming with valuable data and intellectual property, the sector is a prime target for cyberattacks. These attacks can be catastrophic, exposing sensitive information and crippling companies. In today's data-driven world, that's not just a financial blow; it can shatter user trust and ripple outward, jeopardizing the security of countless other businesses that rely on these technologies.
Trustwave SpiderLabs' latest research delves into the attack flow employed by threat groups, shedding light on their tactics, techniques, and procedures. The tech sector faces a unique threat landscape due to several factors, including a vast and ever-growing attack surface. The rapid digital transformation creates a proliferation of SaaS providers, cloud infrastructure, and interconnected devices, often outpacing security measures.
"The continuous innovation that drives technology forward can be a double-edged sword," said Trustwave CISO Kory Daniels. " Our new research unveils the intricate network of dangers facing the tech industry. Even a minor security breach can cripple a company and cause cascading disruptions across the vital systems we rely on, including internal business operations, customer-trusted software and products, and the infrastructure supporting supply chains. To minimize risk exposure while staying ahead of threats, security needs to be embedded at every stage of the technology lifecycle.”
The Trustwave SpiderLabs report analyzes threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. Focused specifically on technology infrastructure and software technology, a few key findings from the report include:
- Three ransomware groups (LockBit 3.0, Clop, ALPHV aka BlackCat) comprise over 60% of the attack claims against technology organizations.
- Significant exposure of critical systems and devices with 12M devices related to the technology industry being publicly exposed (not including major cloud servers hosted by Microsoft, Amazon, Google, etc.).
- Phishing remains a top threat, with almost 40% of malicious PDFs impersonating well-known brands like Geek Squad, PayPal, and McAfee.
- Growing frequency of AI-generated phishing or Business Email Compromise (BEC) emails with analysis from SpiderLabs on how they can be detected.
To access the full Trustwave SpiderLabs threat report, "2024 Technology Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies", please click here.
