Webinar: Insights from Adarma’s Threat Landscape Report
Watch on-demand
Adarma recently hosted a webinar revealing key insights from its latest Threat Landscape Report. Led by Cian Heasley, Threat Lead at Adarma and Gerry Bruin, Threat Specialist at Adarma, the webinar provided crucial insights into emerging threats, ransomware statistics, advanced persistent threat (APT) activity and industry-specific threats. For those unable to attend, here’s a summary of the key highlights. For a more in-depth look at the threat landscape and mitigation recommendations, we invite you to watch the full webinar here:
Emerging Threats in 2024
QR Code Phishing: This technique involves phishing attempts that prompt victims to scan a QR code, leading to malicious sites designed to steal credentials or deliver malware. The widespread adoption of QR codes in everyday life has made this method more common, particularly as it often bypasses corporate security measures by targeting personal devices.
SIM Swapping: This attack involves transferring a victim’s phone number to a new SIM card to bypass SMS-based multi-factor authentication (MFA). Often facilitated by insiders within mobile providers, SIM swapping has led to significant losses, especially in the cryptocurrency space. The key takeaway here is the need to move away from SMS-based MFA and move in favour of more secure methods like MFA apps or hardware tokens.
AI and Deepfake Technology: The misuse of AI in deepfake technology is on the rise, with notable incidents including North Korean hackers using deepfake images to gain employment at a security firm. Additionally, a British engineering firm lost $25 million in a deepfake-enabled scam. These cases underscore the increasing sophistication of social engineering attacks.
Malvertising: Malvertising, or the injection of malicious code into legitimate ads, remains a potent threat. Recent campaigns have involved tactics like prompting users to run PowerShell commands, leading to the spread of malware like the DarkGate malware and various info-stealers.
Industry-Specific Threats
Finance: Banking Trojans remain a significant threat, with groups like GrandGuerrero, Medusa, and the newly discovered Brookwell targeting financial institutions. Notable breaches in 2024 included HSBC and Barclays, both linked to third-party contractor compromises.
Retail: The retail sector continues to be a lucrative target for cybercriminals, particularly ransomware groups like Hunters International, LockBit, and Black Basta. The sector’s vulnerability is driven by the high value of customer data and the critical need to avoid downtime.
Healthcare: The healthcare sector’s susceptibility to ransomware attacks is well-known, with groups like LockBit and Inc ransomware being particularly active. The impact of these attacks is severe, often disrupting critical medical services.
Aviation: The aviation sector has seen a notable increase in attacks from both ransomware groups and hacktivists. The report highlighted a major breach at PDQ Air Spares, as well as the growing threat from pro-Russian and pro-Palestinian hacktivist groups targeting this industry for its geopolitical significance.
Regulatory Landscape
EU Digital Operations Resilience Act (DORA): Set to apply from January 2025, DORA will impose stringent ICT risk management and third-party risk management requirements on financial entities operating within or with the EU.
UN Cybercrime Treaty: Recently approved, this treaty aims to combat cybercrime on a global scale. However, it has sparked controversy due to concerns that states could use it to increase surveillance and repress journalists and activists.
How Adarma Can Help
Acting as an extension of your team, our goal is to understand your business and security objectives to provide the right solutions for your unique security requirements. Our expertise guarantees a balanced approach between security and operational efficiency, safeguarding your most crucial infrastructure and data.