- New Mandiant research claims cybercriminals are increasingly financially motivated
- The Finance industry is the top target for hackers
- These hackers are using exploits and stolen credentials to gain access
New research from Mandiant has claimed financially motivated actors are the new norm, with over half (55%) of threat groups active in 2024 looking to extort or steal money from their victims, a steady increase from previous years.
Unsurprisingly, ransomware related incidents represented 21% of all intrusions in 2024, and made up almost two thirds of incidents involving monetization techniques. This comes alongside data theft, cryptocurrency theft, email compromises, and the North Korean fake job campaign – all aimed at getting money from victims.
Exploits were once again the most popular initial infection vector at 33%, followed by stolen credentials (16%), phishing (14%), web compromises (9%), and prior compromises (8%). This isn’t the first research to suggest that phishing attacks and stolen credentials surged in 2024, outlining the tactic’s popularity.
Finance at risk
Finance was the most commonly targeted industry, with just over 17% of attacks hitting the sector. Close behind are business and professional services (11%), as well as critical industries like high tech (10%), Governments (10%), and Healthcare (9%).
The fact that so many industries are targeted so widely, illustrates that no one is safe from state-sponsored attacks, whether these are financially or politically motivated.
“Financially motivated attacks are still the leading category,” explains Stuart McKenzie, Managing Director Mandiant Consulting EMEA.
“While ransomware, data theft and multifaceted extortion are and will continue to be significant global cybercrime concerns, we are also tracking the rise in the adoption of infostealer malware and the developing exploitation of Web3 technologies, including cryptocurrencies.”
“The increasing sophistication and automation offered by artificial intelligence are further exacerbating these threats by enabling more targeted, evasive, and widespread attacks. Organisations need to proactively gather insights to stay ahead of these trends and implement processes and tools to continuously collect and analyse threat intelligence from diverse sources.”
Leave a comment