Flashpoint Calculates Rise in Cyber Threats Around the World
Flashpoint, a cyber threat intelligence platform, released a midyear edition of its Global Threat Intelligence Index to provide updates to the cyber threat landscape since January 1. Ransomware attacks, vulnerability disclosures and data breaches have all been on the rise within the last six months.
Since the beginning of the year, credential theft via information-stealing malware has increased by 800%, with 1.8 billion credentials stolen in several different ways, using autofill information, saved credit cards and cryptocurrency addresses, according to Flashpoint’s midyear assessment.
According to the report, there have been more than 20,000 new vulnerability disclosures, which is an increase of 246%, and publicly available exploits have risen by 179%. Instead of having companies try to mitigate every vulnerability, Ian Gray, Flashpoint’s vice president of intelligence, said his advice is for vulnerability management teams to implement a risk-based patching framework and prioritize vulnerabilities that are remotely exploitable and have public exploit code.
“Whether it's for monitoring for vulnerabilities, monitoring for data breaches, looking at credit card data, dump data, ransomware data, it's very good to prioritize your tech stack to understand where might the risk be introduced into your operations,” Gray said during a media briefing Tuesday.
Data breaches have increased by 235%, providing attackers with personally identifiable information. According to the report, more than 9.45 billion records of account credentials, social security numbers and financial information have been exposed since January, and unauthorized access is the leading type of data breach.
Ransomware incidents have risen by 179%, and the United States is the most targeted country with 2,160 ransomware attacks, according to Flashpoint’s report.
While studying the trends in ransomware attacks, Gray said he has witnessed more operations built on extortion rather than encryption.
“We're seeing groups that solely focus on just stealing the data and then selling it back to the victim,” Gray said.
Flashpoint’s report also noted that law enforcement has been more involved in tracking down malicious actors in recent months, including the takedown of cyber actors Lumma and RedLine. However, both groups have been able to continue stealing information since.
“Whenever a forum goes down, it feels like two or three will come up and take its place, just demonstrating the persistency of a lot of these groups,” Gray said.
While undersea cable cuts and other cyber incidents have escalated, new attacks, like the infiltration of the compliance messaging app TeleMessage used by U.S. government officials, have been occurring as well.
Gray said more small groups are emerging, creating a more complex and unpredictable cyber attack environment.
“It may not be enough just to monitor for an IOC [indicator of compromise] of a group or a known variant of a ransomware when you're also looking at threat actors that are just looking for entry points into a network to steal data,” Gray explained. “So, it means that as defenders, we have to be a lot more agile.”