The telecommunications industry stood out as the sixth most targeted industry for ransomware attacks in October, according to a new report produced by NCC Group, a global security company that works with both corporate clients and governments.
“Cyber Threat Intelligence, Review of October 2024” showed that there were 19% more ransomware cases globally than in the previous month, encompassing 486 attacks. North America was the location of 56% of all ransomware attacks in October.
Ransomware continues to pose a significant threat to cybersecurity, the report said. It added that the boundaries between organized crime groups and nation-states in the realm of cybercrime are becoming increasingly blurred.
The report said these “cyber adversaries” perpetrating ransomware and other types of attacks are motivated by political and economic issues, and usually operate for long-term results. Among the characteristics of nation-state threat actors, they:
- Are funded, supported and directed by a national government.
- Possess technical skills and tools that typically exceed those of other cybercriminals.
- Align with the strategic objectives of their sponsor, which may include espionage, disruption, destruction, or influence operations.
- Select targets that may include critical infrastructure providers, governments, defense suppliers, and political entities.
- Operate intelligence-gathering campaigns that may last for months or years, with the intention to disrupt the target’s operations or perhaps influence public opinion.
“The data shows [we] are witnessing changing dynamics of the threat landscape, with nation-states and organized crime groups increasingly collaborating,” said Matt Hull, head of threat intelligence at NCC Group. “As different threat actors leverage each other’s resources, it is crucial for organizations to ensure that they’re on top of fundamental security practices such as password management, endpoint security, and multi-factor authentication.
Hull said attacks are becoming less random and more targeted. High-value targets include organizations that “rely on uptime and hold large amounts of intellectual property or personally identifiable information.”
The report said the tools and techniques threat actors use to implement cyberattacks, like ransomware attacks, include spear phishing, Zero-Day, advanced malware, watering hole attacks, and social engineering.
Understanding how threat actors implement their attacks is foundational to mitigating cybersecurity vulnerabilities. Organizations that are weak in cyber vulnerability management are more likely to have wider cybersecurity issues, according to another recent report.