
Ransomware activity doubles in transportation and shipping industry: Report

The report includes evidence of malicious activity linked to ransomware and nation-state-backed advanced persistent threat (APT) actors.


By Pihu Yadav  Nov 17, 2022 3:31:19 PM IST (Published)

Ransomware activity increased 100 percent quarter over quarter in transportation and shipping, in the US alone, according to a report by a cybersecurity company. Trellix on Thursday released The Threat Report: Fall 2022, which analyses cybersecurity trends from the third quarter of 2022. 

Globally, transportation was the second most active sector (following telecom), with more advanced persistent threats (APT) detected in transportation than in any other sector.
The report examines malicious cyber activity, including threats to email, the malicious use of legitimate third-party security tools, and more.
Key findings of the report are as follows: 
Germany Saw the Highest Detections: Not only did Germany generate the most threat detections related to APT actors in Q3 (29 percent of observed activity), but it also had the most ransomware detections. Ransomware detections rose 32 percent in Germany in Q3 and generated 27 percent of global activity.
Emerging Threat Actors Scaled: The China-linked threat actor, Mustang Panda, had the most detected threat indicators in Q3, followed by Russian-linked APT29 and Pakistan-linked APT36.
Ransomware Evolved: Phobos, a ransomware sold as a complete kit in the cybercriminal underground, has avoided public reports until now. It accounted for 10 percent of global detected activity and was the second most used ransomware detected in the US. LockBit was the most detected ransomware globally, generating 22 percent of detections.
Old Vulnerabilities Continued to Prevail: Years-old vulnerabilities continue to be successful exploitation vectors. Trellix observed that the Microsoft Equation Editor vulnerabilities CVE-2017-11882, CVE-2018-0798, and CVE-2018-0802 were the most exploited among malicious emails received by customers during Q3.
Malicious Use of Cobalt Strike: Trellix saw Cobalt Strike used in 33 percent of observed global ransomware activity and 18 percent of APT detections in Q3. Cobalt Strike, a legitimate third-party tool created to emulate attack scenarios to improve security operations, is a favourite tool of attackers who repurpose its capabilities for malicious intent. 
Trellix Advanced Research Center brings together a team of security professionals and researchers to produce insightful and actionable real-time intelligence to propel customer outcomes and the industry at large.
