- The new statements of Mandiant research, cybercriminals are increasingly motivated financially
- The financial industry is the main objective for computer pirates
- These hackers are using stolen exploits and credentials
Mandiant’s new investigation has affirmed that the financially motivated actors are the new standard, with more than half (55%) of the groups of active threats in 2024 that seek to extort or steal money from their victims, a constant increase of the previous years.
As expected, ransomware related incidents represented 21% of all intrusions in 2024, and represented almost two thirds of incidents involving monetization techniques. This comes together with the theft of data, the theft of cryptocurrencies, the commitments by email and the fake work campaign of North Korea, all destined to obtain money from the victims.
The exploits were once again the most popular initial infection vector at 33%, followed by stolen credentials (16%), Phishing (14%), web commitments (9%) and previous commitments (8%). This is not the first investigation that suggests that phishing attacks and stolen credentials increased in 2024, describing the popularity of tactics.
Finance at risk
The financing was the most common industry, with just over 17% of the attacks that reached the sector. Very close are commercial and professional services (11%), as well as critical industries such as high technology (10%), governments (10%) and medical care (9%).
The fact that so many industries are attacked so widely, illustrates that no one is safe from the attacks sponsored by the State, whether they are motivated financially or politically.
“Attacks with financial motivation remain the main category,” explains Stuart McKenzie, managing director Mandiant Consulting Emea.
“While ransomware, data theft and multifaceted extortion are and will continue to be important concerns of cyber crimes, we are also tracing the increase in infesting malware adoption and the development of the exploitation of web3 technologies, including cryptocurrencies.”
“The growing sophistication and automation offered by artificial intelligence are exacerbating these threats by allowing more specific, evasive and generalized attacks. Organizations must proactively collect ideas to maintain themselves at the forefront of these trends and implement processes and tools to collect and continuously analyze the intelligence of threats of diverse sources.”
