Connect with us

Technology

IBM Report: Ransomware Persisted Despite Improved Detection in 2022

Published

on

Manufacturing Most Extorted Industry; Email Thread Hijacking Attempts Spike; Time to Ransom Moves from Months to Days

ARMONK, N.Y., Feb. 22, 2023 /PRNewswire/ — IBM (NYSE: IBM) Security today released its annual X-Force Threat Intelligence Index finding that although ransomware’s share of incidents declined only slightly (4 percentage points) from 2021 to 2022, defenders were more successful detecting and preventing ransomware. Despite this, attackers continued to innovate with the report showing the average time to complete a ransomware attack dropped from 2 months down to less than 4 days. 

According to the 2023 report, the deployment of backdoors, which allow remote access to systems, emerged as the top action by attackers last year. About 67% of those backdoor cases related to ransomware attempts, where defenders were able to detect the backdoor before ransomware was deployed. The uptick in backdoor deployments can be partially attributed to their high market value. X-Force observed threat actors selling existing backdoor access for as much as $10,000, compared to stolen credit card data, which can sell for less than $10 today.

“The shift towards detection and response has allowed defenders to disrupt adversaries earlier in the attack chain – tempering ransomware’s progression in the short term,” said Charles Henderson, Head of IBM Security X-Force. “But it’s only a matter of time before today’s backdoor problem becomes tomorrow’s ransomware crisis. Attackers always find new ways to evade detection. Good defense is no longer enough. To break free from the never-ending rat race with attackers, businesses must drive a proactive, threat-driven security strategy.”

The IBM Security X-Force Threat Intelligence Index tracks new and existing trends and attack patterns – pulling from billions of datapoints from network and endpoint devices, incident response engagements and other sources.

Some of the key findings in the 2023 report include:

Extortion: Threat Actors Go-to Method. The most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Europe was the most targeted region for this method, representing 44% of extortion cases observed, as threat actors sought to exploit geopolitical tensions.Cybercriminals Weaponize Email Conversations. Thread hijacking saw a significant rise in 2022, with attackers using compromised email accounts to reply within ongoing conversations posing as the original participant. X-Force observed the rate of monthly attempts increase by 100% compared to 2021 data.Legacy Exploits Still Doing the Job. The proportion of known exploits relative to vulnerabilities declined 10 percentage points from 2018 to 2022, due to the fact that the number of vulnerabilities hit another record high in 2022. The findings indicate that legacy exploits enabled older malware infections such as WannaCry and Conficker to continue to exist and spread.

Extortion Pressure Applied (Unevenly)
Cybercriminals often target the most vulnerable industries, businesses, and regions with extortion schemes, applying high psychological pressure to force victims to pay. Manufacturing was the most extorted industry in 2022, and it was the most attacked industry for the second consecutive year. Manufacturing organizations are an attractive target for extortion, given their extremely low tolerance for down time.

Ransomware is a well-known method of extortion, but threat actors are always exploring new ways to extort victims. One of the latest tactics involves making stolen data more accessible to downstream victims. By bringing customers and business partners into the mix, operators increase pressure on the breached organization. Threat actors will continue experimenting with downstream victim notifications to increase the potential costs and psychological impact of an intrusion – making it critical that businesses have a customized incident response plan that also considers the impact of an attack on downstream victims.

Thread Hijacking on the Rise
Email thread hijacking activity surged last year, with monthly attempts by threat actors doubling compared to 2021 data. Over the year, X-Force found that attackers used this tactic to deliver Emotet, Qakbot, and IcedID, malicious software that often results in ransomware infections.

With phishing being the leading cause of cyberattacks last year, and thread hijacking’s sharp rise, it’s clear that attackers are exploiting the trust placed in email. Businesses should make employees aware of thread hijacking to help reduce the risk of them falling victim.

Mind the Gap: Exploit “R&D” Lagging Vulnerabilities
The ratio of known exploits to vulnerabilities has been declining over the last few years, down 10 percentage points since 2018. Cybercriminals already have access to more than 78,000 known exploits, making it easier to exploit older, unpatched vulnerabilities. Even after 5 years, vulnerabilities leading to WannaCry infections remain a significant threat. X-Force recently reported an 800% increase in WannaCry ransomware traffic within MSS telemetry data since April 2022. The continued use of older exploits highlights the need for organizations to refine and mature vulnerability management programs, including better understanding their attack surface and risk-based prioritization of patches.

Additional findings from the 2023 report include:

Phishers “Give Up” on Credit Card Data. The number of cybercriminals targeting credit card information in phishing kits dropped 52% in one year, indicating that attackers are prioritizing personally identifiable information such as names, emails, and home addresses, which can be sold for a higher price on the dark web or used to conduct further operations.North America Felt Brunt of Energy Attacks. Energy held its spot as the 4th most attacked industry last year, as global forces continue to affect an already tumultuous global energy trade. North American energy organizations accounted for 46% of all energy attacks observed last year, a 25% increase from 2021 levels.Asia Tops the Target List. Accounting for nearly one-third of all attacks that X-Force responded to in 2022, Asia saw more cyberattacks than any other region. Manufacturing accounted for nearly half of all cases observed in Asia last year.

The report features data IBM collected globally in 2022 to deliver insightful information about the global threat landscape and inform the security community about the threats most relevant to their organizations. You can download a copy of the 2023 IBM Security X-Force Threat Intelligence Report here.

Additional sources

Read more about the report’s top findings in this IBM Security Intelligence blog.Sign up for the 2023 IBM Security X-Force Threat Intelligence Index webinar on Thursday, March 2, 2022, at 11:00 a.m. ET here.Schedule a consult with IBM Security X-Force.

About IBM Security
IBM Security helps secure the world’s largest enterprises and governments with an integrated portfolio of security products and services, infused with dynamic AI and automation capabilities. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to predict threats, protect data as it moves, and respond with speed and precision without holding back business innovation. worldwide security experts, IBM is trusted by thousands of organizations as their partner to assess, strategize, implement, and manage security transformations. IBM operates one of the world’s broadest security research, development, and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Press Contact:
IBM Security Communications
Michele Brancati
mbrancati@ibm.com

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/ibm-report-ransomware-persisted-despite-improved-detection-in-2022-301752400.html

SOURCE IBM

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Media Advisory – From space to Earth: handling medical issues more autonomous fashion

Published

on

By

LONGUEUIL, QC, Nov. 22, 2024 /CNW/ – On November 25, Sameer Zuberi, Parliamentary Secretary to the Minister of Diversity, Inclusion and Persons with Disabilities, will attend the unveiling of a telemedicine pilot project called “Telehealth Station.” Dan Gabay, CEO of the Montreal West Island Integrated University Health and Social Services Centre, Canadian Space Agency (CSA) President Lisa Campbell and CSA astronaut David Saint-Jacques will also be there.

Telehealth Station will leverage technologies integrated by Baüne as part of the CSA’s Connected Care Medical Modules, an initiative that aims to find solutions to help astronauts handle their own medical issues when they are far from Earth.

The CSA invites media to attend this technology demonstration organized by the Montréal West Island CIUSSS. A question period will follow.

Media who wish to find out more or attend the event are asked to contact the Media Relations Office.

Date:

November 25, 2024

Time:

10:00 am ET

What:

Unveiling and demonstration of a telemedicine pilot project

Who:

Sameer Zuberi, Parliamentary Secretary to the Minister of Diversity,

Inclusion and Persons with Disabilities

Dan Gabay, CEO of the Montreal West Island Integrated University

Health and Social Services Centre

Lisa Campbell, CSA President

David Saint-Jacques, CSA astronaut

Where:

CLSC de Pierrefonds

13800 Gouin Boulevard West, Montreal

H8Z 3H6

Website: www.asc-csa.gc.ca

Follow us on social media!
RSS Facebook YouTube Twitter

SOURCE Canadian Space Agency

Continue Reading

Technology

Postal Ranked Number 34 Fastest-Growing Company in North America on the 2024 Deloitte Technology Fast 500™

Published

on

By

Postal attributes 5,216% Revenue Growth to a collaborative team strategy focused on building a scalable revenue model and making calculated financial decisions

SAN LUIS OBISPO, Calif., Nov. 22, 2024 /PRNewswire-PRWeb/ — Postal today announced it ranked No. 34 on the Deloitte Technology Fast 500™, a ranking of the 500 fastest-growing technology, media, telecommunications, life sciences, fintech, and energy tech companies in North America, now in its 30th year. Postal grew 5,216% during this period.

“I credit Postal’s success and growth to the grit of our employees and the impact of this offline channel to our customers.” – Postal CEO, Erik Kostelnik

Postal’s Chief Executive Officer, Erik Kostelnik, credits a collaborative team strategy focused on building a scalable revenue model and making calculated financial decisions to fuel the company’s 5,216% revenue growth. He said, “I credit Postal’s success and growth to the grit of our employees and the impact of this offline channel to our customers. Direct mail and gifting as a managed channel continues to outperform traditional digital channels, especially in Account Based Marketing. We are honored to be recognized as one of the fastest growing technology companies in the country.”

“For 30 years we’ve been celebrating companies that are actively driving innovation. The software industry continues to be a beacon of growth, and the fintech industry made a strong showing on this year’s list, surpassing life sciences for the first time,” said Steve Fineberg, vice chair, U.S. technology sector leader, Deloitte. “Significantly, we also saw a breakthrough in performance of private companies, with the highest number of private companies named to the list in our program’s history. This year’s winners have shown they have the vision and expertise to continue to perform at a high level, and that deserves to be celebrated.”

“Innovation, transformation and disruption of the status quo are at the forefront for this year’s Technology Fast 500 list, and there’s no better way to celebrate 30 years of program history,” said Christie Simons, partner, Deloitte & Touche LLP and industry leader for technology, media and telecommunications within Deloitte’s Audit & Assurance practice. “This year’s winning companies have demonstrated a continuous commitment to growth and remarkable consistency in driving forward progress. We extend our congratulations to all of this year’s winners — it’s an incredible time for innovation.”

Overall, 2024 Technology Fast 500 companies achieved revenue growth ranging from 201% to 153,625% over the three-year time frame, with an average growth rate of 1,981% and median growth rate of 460%.

About the 2024 Deloitte Technology Fast 500

Now in its 30th year, the Deloitte Technology Fast 500 provides a ranking of the fastest-growing technology, media, telecommunications, life sciences, fintech, and energy tech companies — both public and private — in North America. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth from 2020 to 2023.

In order to be eligible for Technology Fast 500 recognition, companies must own proprietary intellectual property or technology that is sold to customers in products that contribute to a majority of the company’s operating revenues. Companies must have base-year operating revenues of at least US$50,000, and current-year operating revenues of at least US$5 million. Additionally, companies must be in business for a minimum of four years and be headquartered within North America.

About Postal

Postal is a leading intelligent gifting platform that helps thousands of businesses increase their pipeline, retain customers, and reward employees. The engagement platform and its global marketplace enable customers to automate direct mail, manage branded company swag, and send personalized gifts, all while centralizing cost and reducing waste. Postal integrates natively into existing systems like Salesforce, Hubspot, Microsoft, Google, Adobe, and other Sales and Marketing solutions.

About Deloitte

Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including nearly 90% of the Fortune 500® and more than 8,500 U.S.-based private companies. At Deloitte, we strive to live our purpose of making an impact that matters by creating trust and confidence in a more equitable society. We leverage our unique blend of business acumen, command of technology, and strategic technology alliances to advise our clients across industries as they build their future. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Bringing more than 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte’s approximately 460,000 people worldwide connect for impact at www.deloitte.com.

Media Contact

Patricia Duchene, Postal, 1 805.305.1293, patricia@postal.com, https://www.postal.com/

View original content to download multimedia:https://www.prweb.com/releases/postal-ranked-number-34-fastest-growing-company-in-north-america-on-the-2024-deloitte-technology-fast-500-302313803.html

SOURCE Postal

Continue Reading

Technology

GenNx360 Capital Partners finalizes the sale of ITsavvy to Xerox Holdings Corporation

Published

on

By

NEW YORK, Nov. 22, 2024 /PRNewswire/ — GenNx360 Capital Partners (“GenNx360”), a New York-based private equity firm, is pleased to announce the final sale of its portfolio company, ITsavvy LLC (“ITsavvy” or “the Company”), a provider of end-to-end IT infrastructure solutions, to Xerox Holdings Corporation (“Xerox”) for $400 million. This transaction marks a significant milestone for GenNx360, as its first investment in the technology services sector.

ITsavvy is an Oak Brook, Illinois-based technology solutions and services provider that delivers frictionless IT experiences by designing, developing and delivering technology infrastructure solutions and services that accelerate business outcomes on behalf of its clients.

During GenNx360’s investment, the Company experienced impressive organic growth, completed an acquisition of a highly strategic AIOps-enabled managed services provider (“MSP”) and significantly increased overall profitability through several well-executed margin enhancement initiatives. A committed focus to the Company’s services strategy further fueled organic growth and strengthened the Company’s overall value proposition. Through the support of GenNx360, the Company also successfully launched an AI and Intelligent Automation strategy. This strategy included commercializing an AI offering to better serve the Company’s clients, as well as optimizing the Company’s internal operations.

“The completion of this transaction marks a significant milestone for ITsavvy and for GenNx360. Over the past two years, ITsavvy has undergone exceptional growth and transformation under the leadership of Munu Gandhi and his team. Their dedication and collaboration with our firm have been critical to the company’s success. We are proud of ITsavvy’s achievements and confident it will continue to thrive as part of Xerox,” said Ron Blaylock, GenNx360 Founder and Managing Partner, and Chairman of the ITsavvy Board of Directors.

“We appreciate GenNx360’s support and strategic insights over the past two years. They have been an outstanding partner to work with to enhance and evolve our platform,” said ITsavvy CEO, Munu Gandhi. “We are excited to join forces with a longstanding company in Xerox, one of the great global brands, and we look forward to supporting their next stage of growth.”

“As part of our Reinvention, we have created a greater organizational focus on our emerging IT Services capabilities,” said John Bruno, President and Chief Operating Officer at Xerox. “ITsavvy’s complementary offerings, combined with our reputation, position us to accelerate growth across key markets and unlock new opportunities to help clients transform the way they work.”

“It has been a privilege to work with Munu and the ITsavvy team over the past two years. We are incredibly proud of the Company’s growth and look forward to following their success in the future,” said Peter White, Principal at GenNx360 and ITsavvy Board Member.

This transaction underscores GenNx360’s focus on driving operational excellence and delivering strong outcomes for our investors.

Loeb & Loeb and Greenberg Traurig served as legal advisors to ITsavvy and GenNx360.

About ITsavvy LLC

ITsavvy is an industry-leading IT infrastructure solutions provider with comprehensive value added resell capabilities. Founded in 2004 in suburban Chicago, ITsavvy provides frictionless client experiences through the deployment of holistic solutions that deliver client business outcomes. For more information on ITsavvy, please visit www.itsavvy.com.

About GenNx360 Capital Partners

GenNx360 Capital Partners is a private equity firm focused on acquiring middle market business services and industrial companies. GenNx360 partners with companies having proven and sustainable business models in expanding industries with the objective of implementing and supporting value-enhancing organic and inorganic initiatives to accelerate growth, deliver cost efficiencies, and generate strong financial returns. GenNx360 was founded in 2006 and is headquartered in New York City. For more information on GenNx360, please visit www.gennx360.com.

For media inquiries about this press release, please contact:

Alicia Francis, Head of Investor Communications

investorrelations@gennx360.com

Phone: 929.287.6107

View original content to download multimedia:https://www.prnewswire.com/news-releases/gennx360-capital-partners-finalizes-the-sale-of-itsavvy-to-xerox-holdings-corporation-302314576.html

SOURCE GenNx360 Capital Partners

Continue Reading

Trending