Within the dynamic world of cybersecurity, 2023 marked a big shift, underscored by a 1760% enhance in Enterprise Electronic mail Compromise (BEC) assaults. This startling revelation, detailed in Notion Level’s ‘2024 Annual Report: Cybersecurity Trends & Insights‘, factors to the rising sophistication of cyber threats. The Tel Aviv-based chief in superior electronic mail and workspace safety options highlights how Generative AI (GenAI) applied sciences have develop into a device for risk actors, enabling them to craft intricate social engineering assaults which might be more and more tough to detect.
The previous 12 months’s cyber panorama was formed by the outstanding advances in GenAI, which malicious actors used to reinforce the size and complexity of their assaults. In 2022, BEC assaults constituted a mere 1% of all cyberattacks, however by 2023, they accounted for a staggering 18.6%.
Phishing continued to be the dominant cyber risk, accounting for over 70% of all assaults, with little change from the earlier 12 months. Nevertheless, quishing—a brand new type of risk exploiting QR codes—emerged, accounting for two.7% of all phishing makes an attempt. The belief positioned in QR codes has been manipulated by attackers, turning a easy scan into a big safety threat. In 2023, 1 out of each 18 QR codes despatched by way of electronic mail was malicious.
Moreover, the prevalence of two-step phishing assaults noticed a 175% enhance. These multi-stage assaults, tougher to detect because of their use of reputable companies and internet hosting websites, exploit the reputations of well-known domains, evading detection extra simply.
The report additionally highlights a 350% rise in account takeover (ATO) threats, the place reputable accounts are compromised after which utilized in extremely focused assaults. Model impersonation assaults additionally noticed a big enhance, with 55% of all such assaults in 2023 mimicking the focused worker’s group.
Electronic mail remained the first assault vector, with 1 in 5 emails being malicious or spam. Menace actors expanded their horizons to focus on organizations via different means as effectively, with phishing assaults by way of net browsers rising considerably and malware distribution in M365 Apps like OneDrive, SharePoint, and Groups accounting for 65% of assaults. Over 50% of assaults focused CRMs like Zendesk and Salesforce.
Yoram Salinger, CEO of Perception Point, emphasizes the impression of GenAI’s proliferation on organizational safety postures. He highlights the evolving nature of the fashionable workspace, more and more reliant on cloud-based electronic mail, collaboration, and productiveness instruments accessible from any browser. Notion Level’s dedication to defending this contemporary workspace is clear of their consolidated risk prevention answer, which mixes multi-layered AI-powered detection with managed incident response companies.
Notion Level, a Prevention-as-a-Service firm, stands on the forefront of next-generation prevention, detection, and response to assaults throughout electronic mail, cloud collaboration apps, and net browsers. Their cloud-native service, straightforward to deploy and handle, is designed to interchange cumbersome legacy methods. It prevents phishing, BEC, spam, malware, Zero-days, ATO, and different superior assaults, defending Fortune 500 enterprises and organizations globally.
This complete report by Notion Level affords invaluable insights into the evolving cyber risk panorama, underscoring the necessity for revolutionary safety options in an period the place GenAI and superior social engineering techniques have gotten the norm. You’ll be able to view the complete report here.
