adarma_logo_twgt-black[11615449]
adarma_logo_twgt-black[11615449]
Assessments
All Cybersecurity Assessments

Improve security maturity and capability while reducing risk
Cyber Maturity Assessment

Define, measure and improve your security posture
SOC Maturity Assessment

Understand and improve the capability and maturity of your SOC
SIEM Assessment

Your roadmap to increase the performance and value of your SIEM
Crisis Simulation Assessment

Stress-test your organisation’s cyber response capability

Latest Insights

Cyber Insiders is a cybersecurity podcast by Adarma.
Podcast
Nov 2

Cyber Insiders Podcast: Liz Banbury on Safeguarding Critical National Infrastructure
Threat Intelligence Exposure Management
Detection & Response
Managed SOC

Delivering today’s capability, while staying adaptable for tomorrow’s threat
Microsoft MDR Solution

Maximise the potential of your Microsoft E5 License
SOC Engineering

We help design, build, and integrate the security operations capability you need
Incident Response

Intelligence-led preparation, practice and real-world cyber incident response
Socket Platform
About Us
We Are Adarma

Your partner for effective cyber threat management
ESG

Protecting the promise of cyber resilience
Partners

Working in partnership to make the world a safer place
Careers

Become a Cyber Defender
Contact Us

Get in touch today
Insights
Cyber Hub
Cyber Insiders
News & Blog
SIEM Transformation
Future-Ready SOC Report
SecOps Excellence
Events
Share:
Webinar

Webinar: Insights from Adarma’s Threat Landscape Report

Watch on-demand

Adarma recently hosted a webinar revealing key insights from its latest Threat Landscape Report. Led by Cian Heasley, Threat Lead at Adarma and Gerry Bruin, Threat Specialist at Adarma, the webinar provided crucial insights into emerging threats, ransomware statistics, advanced persistent threat (APT) activity and industry-specific threats. For those unable to attend, here’s a summary of the key highlights. For a more in-depth look at the threat landscape and mitigation recommendations, we invite you to watch the full webinar here:

Emerging Threats in 2024

QR Code Phishing: This technique involves phishing attempts that prompt victims to scan a QR code, leading to malicious sites designed to steal credentials or deliver malware. The widespread adoption of QR codes in everyday life has made this method more common, particularly as it often bypasses corporate security measures by targeting personal devices.

SIM Swapping: This attack involves transferring a victim’s phone number to a new SIM card to bypass SMS-based multi-factor authentication (MFA). Often facilitated by insiders within mobile providers, SIM swapping has led to significant losses, especially in the cryptocurrency space. The key takeaway here is the need to move away from SMS-based MFA and move in favour of more secure methods like MFA apps or hardware tokens.

AI and Deepfake Technology: The misuse of AI in deepfake technology is on the rise, with notable incidents including North Korean hackers using deepfake images to gain employment at a security firm. Additionally, a British engineering firm lost $25 million in a deepfake-enabled scam. These cases underscore the increasing sophistication of social engineering attacks.

Malvertising: Malvertising, or the injection of malicious code into legitimate ads, remains a potent threat. Recent campaigns have involved tactics like prompting users to run PowerShell commands, leading to the spread of malware like the DarkGate malware and various info-stealers.

Industry-Specific Threats

Finance: Banking Trojans remain a significant threat, with groups like GrandGuerrero, Medusa, and the newly discovered Brookwell targeting financial institutions. Notable breaches in 2024 included HSBC and Barclays, both linked to third-party contractor compromises.

Retail: The retail sector continues to be a lucrative target for cybercriminals, particularly ransomware groups like Hunters International, LockBit, and Black Basta. The sector’s vulnerability is driven by the high value of customer data and the critical need to avoid downtime.

Healthcare: The healthcare sector’s susceptibility to ransomware attacks is well-known, with groups like LockBit and Inc ransomware being particularly active. The impact of these attacks is severe, often disrupting critical medical services.

Aviation: The aviation sector has seen a notable increase in attacks from both ransomware groups and hacktivists. The report highlighted a major breach at PDQ Air Spares, as well as the growing threat from pro-Russian and pro-Palestinian hacktivist groups targeting this industry for its geopolitical significance.

Regulatory Landscape

EU Digital Operations Resilience Act (DORA): Set to apply from January 2025, DORA will impose stringent ICT risk management and third-party risk management requirements on financial entities operating within or with the EU.

UN Cybercrime Treaty: Recently approved, this treaty aims to combat cybercrime on a global scale. However, it has sparked controversy due to concerns that states could use it to increase surveillance and repress journalists and activists.

How Adarma Can Help

Acting as an extension of your team, our goal is to understand your business and security objectives to provide the right solutions for your unique security requirements. Our expertise guarantees a balanced approach between security and operational efficiency, safeguarding your most crucial infrastructure and data.

Let’s Talk

If you would like to learn more about how Adarma can support your organisation’s cyber resilience, please get in touch with us at hello@adarma.com.

 

Contact Us