A new report from Nuspire has validated presumptions that 2022 yielded the most threat activity in history.
Managed security services provider Nuspire has announced the release of its Q4 and Year in Review 2022 Threat Report. The quarterly report provides a comprehensive analysis of the threat landscape, parsing malware, botnet and exploit data as well as breaking down the tactics, techniques and procedures (TTPs) favoured by cybercriminals.
The report signals a continued surge in cyber threat volume and severity.
According to the report, while the fourth quarter saw dips across all three sectors Nuspire monitors, including malware, botnets and exploits, the net sum for the year shows a marked increase, especially in the case of exploits, which nearly doubled.
“We saw some normal ebbs in threat activity over the year, but the surges were stunning, delivering a volume of attacks weve never seen before,” says J.R. Cunningham, Chief Security Officer at Nuspire.
“While many of the methods focused on securing quick wins, like phishing and exploiting unpatched vulnerabilities, we also saw a rise in more coordinated threat group attacks on large organisations and critical infrastructure,” Cunningham says.
“Expect 2023 to have more of this activity, as well as adversaries increased attention toward attacking consumer IoT devices.”
Notable findings from Nuspires quarterly report include:
- Exploit activity grew by 105% in Q4 2022, with total 2022 exploits nearly doubling over 2021.
- Brute forcing was the most popular tactic, increasing by nearly 400% over Q3 2022.
- Malware jumped nearly 35% in Q4, with its year-over-year increase reaching 6.85%. Nuspire attributes this relatively smaller increase to the positive effects of Microsofts’ decision to block Visual Basic for Applications (VBA) macros by default for Office files. Botnets jumped by 30% in 2022, with banking trojan Torpig Mebroot comprising more than 40% of all botnet activity throughout the year.
“If 2022 showed us anything, its that threat actors are not only increasingly adept at finding ways to circumnavigate established cybersecurity defenses, but also, they bring a level of agility that lets them quickly course correct when a vector loses viability,” says Craig Robinson, Research VP for Security Services at IDC.
“We have seen the emergence of new security technologies aimed at thwarting a more creative and sophisticated adversary population, but no specific technology can replace the value of targeted threat intelligence to understand what’s out there, how they’re doing it and what you can do to protect yourself.”