In the ever-evolving landscape of cybersecurity threats, staying ahead of malicious actors is crucial now more than ever. Unit 42, the threat intelligence arm of leading cybersecurity provider, Palo Alto Networks, today published its 2024 Incident Response Report, examining data from all the incidents in 2023 its threat teams responded to.
The data paints a concerning picture of escalating cyber threats, revealing a significant decrease in the time between compromise and data exfiltration. In fact, 45% of cases in 2023 saw attackers exfiltrate data in less than a day after compromise, with the median time dropping from 9 days in 2021 to just 2 in 2023.
Other key findings from the report include:
- The top industries targeted include: professional and legal services, high technology, manufacturing, healthcare, finance and, wholesale and retail. These accounted for 63% of cases in 2023.
- Ransomware remains a prevalent threat, with 33% of incidents involving malware linked to ransomware. The use of malware for data destruction has also increased 5x since 2022, posing new challenges for data security.
- Nearly 68% of attackers kept their ransom promises after they’ve been paid. However, 21% did not keep their promises.
- An increase in cloud incident responses, up from 6% in 2021, to 16.6% in 2023, signalling a growing threat landscape in cloud environments.
