"Arctic Wolf: One-Third of All Cyberattacks Now Involve Business Email Compromise"
Arctic Wolf Networks released a report finding that there has been a significant increase in Business Email Compromise (BEC) attacks in the first half of this year. According to data analysis and insights from Arctic Wolf's incident response unit Tetra Defense, BEC attacks now account for more than a third of all total cases, with the number of cases nearly doubling between the first and second quarters. Finance, insurance, business services, legal, and government all saw significant increases in this type of attack. Of the organizations that fell victim to BEC attacks, 80 percent did not have multi-factor authentication (MFA) in place prior to the incident. The report also highlighted that the median ransomware demand from threat actor groups in the first half of the year was $450,000, with the technology and shipping/logistics industries facing more than double the global median. The ransoms demanded from the shipping and logistics industries are suspected to be higher because these industries are often found to have less organized networks and data structures, as well as weaker backup practices. In contrast, despite accounting for more than 30 percent of the caseload, the healthcare, finance, and insurance industries all had median ransom demands that were lower than the global average. Researchers say this is because these industries are typically more mature in their cyber hygiene practices as they handle highly sensitive and valuable data, giving threat actors less leverage to demand a higher ransom. This article continues to discuss key findings from Arctic Wolf Networks' new cybersecurity report.