news-details
Technology

Cisco Talos Incident Response Quarterly Trends: Business Email Compromise Emerges as Most Common Threat

Cisco (NASDAQ: CSCO) has released the Talos Incident Response (IR) Quarterly Trends report for Q1 2024, highlighting key insights into the cybersecurity landscape. Developed by Cisco Talos Intelligence Group, the report is designed to help organizations defend against the most common cyberthreats.

Business Email Compromise on the Rise

For the first time in several quarters, Business Email Compromise (BEC) has emerged as the most common threat in Q1 2024. BEC accounted for 46 percent of all Cisco Talos IR engagements, marking a significant increase from Q4 2023. Adversaries often use this tactic to impersonate legitimate business members, sending phishing emails that may contain malicious payloads or orchestrate financial schemes.

Persistent Weaknesses in Multi-Factor Authentication

Cisco’s security researchers identified a new phishing kit named Tycoon 2FA that bypasses multi-factor authentication (MFA). Although it has not yet appeared in Talos IR engagements, it is becoming widespread. Nearly half of all engagements showed weaknesses in MFA, with unauthorized push notification acceptance and improper MFA implementation being the top vulnerabilities.

New Variants of Ransomware Detected

Incidents of ransomware decreased by 11 percent in Q1 2024, making up 17 percent of engagements. New variants of Phobos and Akira ransomware were detected for the first time, along with ongoing threats from LockBit and Black Basta. Akira has resumed using encryption for extortion, targeting both Windows and Linux machines.

Manufacturing: The Most Targeted Sector

Continuing from Q4 2023, manufacturing remained the most targeted sector, representing 21 percent of incident response engagements, followed closely by education. Healthcare, public administration, and technology sectors tied for third. The manufacturing sector's low tolerance for operational downtime makes it a prime target for financially motivated attacks, including BEC, ransomware, and brute-force attacks on VPNs.

Evolving Cyberattack Techniques

The primary method for gaining initial access was using compromised credentials, making up 29 percent of engagements—a 75 percent increase from Q4 2023. Email hiding inbox rules were the most observed defense evasion technique, representing 21 percent of engagements, likely due to the rise in BEC and phishing.

Cisco’s Proactive Cybersecurity Strategy

Fady Younes, Managing Director for Cybersecurity at Cisco Middle East & Africa, emphasized the importance of a holistic digital security strategy in the face of evolving threats. Cisco leverages advanced technologies, including AI, to help organizations implement proactive cybersecurity measures. Key recommendations include:

  • Multi-Factor Authentication (MFA): Implement MFA, such as Cisco Duo, to secure corporate email accounts and prevent BEC.
  • Endpoint Detection and Response (EDR): Utilize EDR solutions like Cisco Secure Endpoint to detect malicious activities.
  • Threat Detection Signatures: Employ Cisco’s Snort and ClamAV signatures to block known ransomware families like Black Basta and Akira.

In summary, Cisco's Q1 2024 Talos IR report underscores the critical need for robust cybersecurity measures to combat rising threats, particularly BEC, and highlights the importance of MFA and EDR solutions in protecting organizational infrastructure

Related News

Emirates Stallions Group Repor ...

Emirates Stallions Group (ADX: ESG), a leading conglomerate with operations in Workforce Solutions, Construction, and Real Estate, and a subsidiary of International Holding Company...

Investopia Global Talks Launch ...

The Investopia Global Talks initiative has launched a new session in Chennai, Tamil Nadu, India, with a focus on enhancing the economic partnership between the United Arab Emirates...

Samsung Gulf Hosts Inaugural G ...

Samsung Gulf Electronics celebrated the UAE's vibrant creative community at its first Galaxy Creators' Day event, showcasing the latest flagship devices from the Galaxy lineup. The...

Huawei’s Oman Commercial Roads ...

Huawei hosted the Oman leg of its Middle East and Central Asia (ME&CA) Commercial Roadshow on July 22 in Muscat, focusing on advancing digital transformation in line with Oman ...

SuperBridge Summit 2024 to Showcase ...

The Dubai World Trade Centre (DWTC) and the SuperBridge Council have reaffirmed their commitment to establishing the Middle East as a premier destination for innovation and entrepr...

Mamo Secures $3.4 Million to Enhanc ...

Mamo, a UAE-based fintech startup dedicated to streamlining payment collection, corporate cards, and expense management for small and medium-sized businesses (SMEs), has successful...

Dubai International Chamber Attract ...

The Dubai International Chamber, part of Dubai Chambers, has made significant strides in attracting foreign direct investment and supporting local companies' global expansion effor...

Applications Open for MBZUAI’s Six- ...

Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) invites thirty local and international executives to apply for its upcoming six-day intensive program, the MBZUAI E...

Fourth Phase of Riviera by Azizi De ...

Azizi Developments, a prominent private real estate developer in the UAE, has announced significant progress in the fourth phase of Riviera, their French Mediterranean-inspired wat...

GPCA to Recognize Young Talent in A ...

The Gulf Petrochemicals and Chemicals Association (GPCA) is set to celebrate the innovative ideas and talents of GCC university students in the field of agri-nutrient sustainabilit...