On the Radar: SOCRadar's July Reports
SOCRadar? Extended Threat Intelligence
Threat Intelligence enriched with External Attack Surface Management, Supply Chain, and Digital Risk Protection Services
?? Did someone say summer vacation?
July has probably been one of the busiest months for SOCRadar in the last few months, with Ransomware Awareness Month, the Olympics, the Crowdtsrike incident, and cyberattacks.
We have dedicated this month's issue of SOCRadar's LinkedIn-specific newsletter, "On the Radar," to remembering the important reports prepared by our Technical Research Team throughout the month.
CISOs, SOC analysts, whether you are on vacation by the sea or in your air-conditioned offices, we hope these reports will help you develop more proactive security strategies in the second half of 2024.
With over 25 FREE tools, SOCRadar Labs provides an unprecedented opportunity for cybersecurity professionals to enhance their posture. These resources empower professionals to effectively safeguard their organizations against evolving cyber threats.
???? France Threat Landscape Report
As the 2024 Paris Olympic Games approach on July 26, security experts urge MSSPs and MSPs to prepare for potential cyberattacks. Data shows a rise in sophisticated attacks targeting French critical infrastructure and essential sectors.
France faces cyber threats from organized crime syndicates and state-sponsored entities, aiming at its manufacturing, IT, telecommunication, and retail industries for espionage, financial theft, and disruption.
The dark web exacerbates these threats, offering a marketplace for malicious tools and stolen data. This poses challenges for French cybersecurity professionals.
SOCRadar’s France Threat Landscape Report 2024 provides a comprehensive analysis, leveraging extensive data from open-source and proprietary intelligence. Our continuous monitoring and analysis offer an in-depth overview of threats to French entities.
These insights aim to help public and private stakeholders strengthen cybersecurity defenses, reduce risks, and enhance France’s resilience against future cyber threats.
?? APAC Threat Landscape Report
The SOCRadar APAC Threat Landscape Report provides organizations with a comprehensive understanding of their geographic area's unique cyber threats and risks.
Utilizing the latest intelligence on threat actor activities in the dark web, ransomware incidents, and phishing operations, this report is essential for organizations looking to develop robust security strategies, allocate resources effectively, and identify their cybersecurity needs. It offers a detailed investigation of cyber incidents, including thorough research on dark web threats, open-source intelligence, and exhaustive threat analysis.
Key findings include that Public Administration is the most targeted industry in the APAC region, followed by the Information and Retail Trade industries. India is the most targeted country, with significant dark web activity, while Australia faces the most ransomware attacks, particularly in the Manufacturing sector.
The LockBit 3.0 ransomware group is notably active in the region. The Information Services industry experiences the most phishing attacks, with Singapore being the primary target, followed by Hong Kong and the Republic of Korea.
领英推荐
?? Mid-Year Cybersecurity Review Report
SOCRadar's year-end reports have become a brand! That's why we wanted to publish a mid-year report this year, which is a first. In the first half of 2024, the cyber threat landscape has been marked by escalating sophistication and frequency of attacks, presenting unprecedented challenges for cybersecurity professionals. SOCRadar’s Extended Threat Intelligence (XTI) platform has been pivotal in empowering security operations centers (SOCs) with actionable, context-rich intelligence, transforming how threats are detected and mitigated.
This period witnessed a surge in ransomware attacks, with cybercriminals adopting more complex and stealthy tactics to target small businesses and large corporations. Notable incidents include breaches at high-profile organizations, illustrating the relentless pursuit of cyber adversaries. Integrated Attack Surface Management has become crucial, providing enhanced visibility into vulnerabilities. At the same time, Brand Protection has shielded organizations from threats on the Dark Web, where stolen credentials and sensitive data are traded.
The role of Cyber Threat Intelligence has been paramount, enabling SOC teams to anticipate and thwart potential attacks before significant damage occurs. The first half of 2024 underscored the importance of a multi-faceted cybersecurity strategy incorporating advanced threat intelligence, real-time monitoring, and rapid response capabilities.
?? Global Ransomware Report
July is known as Ransomware Awareness Month. Ransomware announcements have been overwhelmingly dominated by target announcements, accounting for 81.4% of all ransomware news. Additionally, 18.6% of these reports involve threat actors leaking sensitive data from organizations that refused to pay the ransom. This trend highlights the increasing pressure ransomware groups put on their victims to comply with their demands.
The most active ransomware groups of 2023 include LockBit 3.0, responsible for 17.6% of all attacks; Cl0p, accounting for 9.14% of attacks; and Play Ransomware, responsible for 8.56% of attacks. Geographically, the United States bore the brunt of these attacks, with 65.14% of incidents occurring there, followed by the United Kingdom at 8.64% and Canada at 5.01%. The most targeted industries were manufacturing, with approximately 14% of attacks; professional, scientific, and technical services, at 11%; and the information sector, at around 7%.
A significant rise in ransomware attacks was observed from the beginning of 2023, with a peak in February 2024. This surge underscores the importance of staying informed about the evolving ransomware landscape and utilizing the latest intelligence to protect organizations from these increasingly sophisticated threats.
Enhance Your Security with SOCRadar’s Cyber Threat Intelligence
Take your threat intelligence to the next level by joining SOCRadar’s free access program:
See you next month!