BEC Emerged as the Top Cyber Threat to Organisations in 2022
A new report from Secureworks has revealed a worrying trend in the cybersecurity landscape – the number of Business Email Compromise (BEC) attacks doubled in 2022, surpassing ransomware as the most common cyber threat to organisations.
Phishing and Vulnerability Exploits: Key Factors Driving the Growth of BEC Attacks
The growth in BEC attacks can be attributed to a surge in phishing campaigns, which accounted for 33% of incidents where the initial access vector (IAV) could be established, a near three-fold increase compared to 2021. Additionally, cybercriminals are exploiting vulnerabilities in internet-facing systems, which represented a third of incidents where IAV could be established.
The report also notes that BEC attacks require little to no technical skills, but they can be highly profitable. Attackers can phish multiple organisations simultaneously without needing to employ advanced skills or operate complicated affiliate models.
The Decline of Ransomware and the Rise of State-Sponsored Activity
The report also revealed a decline in ransomware incidents by 57%, while highlighting that it remains a “core” threat. The reduction could be due to a change in tactics or a decrease in the level of the threat following increased law enforcement activity around high-profile attacks.
However, the report also suggests that gangs may be targeting smaller organisations that are less likely to engage with incident responders, meaning they would fall outside the scope of the report. Furthermore, the report found that hostile state-sponsored activity increased to 9% in 2022, up from 6% in 2021, with 90% of the incidents attributed to threat actors affiliated with China.
Key Thoughts
According to Secureworks, their data shows that successful cyber attacks are often traced back to less sophisticated methods, despite the prevalence of discussions around advanced AI-driven threats in the security landscape. In fact, they characterised the current situation as being “more Chad in IT” than ChatGPT.
Although the report from Secureworks focuses on data from US organisations, the findings have implications for businesses and individuals around the world, including Australia. As cyber threats continue to become more sophisticated and interconnected, the risks faced by organisations in one country can quickly spread to others.
The sharp increase in BEC attacks serves as a sobering reminder that threat actors are constantly evolving their tactics and exploiting new vulnerabilities. Although the reduction in ransomware incidents is a positive sign, it is still a serious threat that must not be overlooked.