Gridware Logo

Top Cyber Threat: BEC Attacks Overtake Ransomware in 2022

Share:

BEC Emerged as the Top Cyber Threat to Organisations in 2022 

A new report from Secureworks has revealed a worrying trend in the cybersecurity landscape – the number of Business Email Compromise (BEC) attacks doubled in 2022, surpassing ransomware as the most common cyber threat to organisations.  

Phishing and Vulnerability Exploits: Key Factors Driving the Growth of BEC Attacks 

The growth in BEC attacks can be attributed to a surge in phishing campaigns, which accounted for 33% of incidents where the initial access vector (IAV) could be established, a near three-fold increase compared to 2021. Additionally, cybercriminals are exploiting vulnerabilities in internet-facing systems, which represented a third of incidents where IAV could be established. 

The report also notes that BEC attacks require little to no technical skills, but they can be highly profitable. Attackers can phish multiple organisations simultaneously without needing to employ advanced skills or operate complicated affiliate models. 

The Decline of Ransomware and the Rise of State-Sponsored Activity 

The report also revealed a decline in ransomware incidents by 57%, while highlighting that it remains a “core” threat. The reduction could be due to a change in tactics or a decrease in the level of the threat following increased law enforcement activity around high-profile attacks. 

However, the report also suggests that gangs may be targeting smaller organisations that are less likely to engage with incident responders, meaning they would fall outside the scope of the report. Furthermore, the report found that hostile state-sponsored activity increased to 9% in 2022, up from 6% in 2021, with 90% of the incidents attributed to threat actors affiliated with China. 

Key Thoughts 

According to Secureworks, their data shows that successful cyber attacks are often traced back to less sophisticated methods, despite the prevalence of discussions around advanced AI-driven threats in the security landscape. In fact, they characterised the current situation as being “more Chad in IT” than ChatGPT.  

Although the report from Secureworks focuses on data from US organisations, the findings have implications for businesses and individuals around the world, including Australia. As cyber threats continue to become more sophisticated and interconnected, the risks faced by organisations in one country can quickly spread to others.  

The sharp increase in BEC attacks serves as a sobering reminder that threat actors are constantly evolving their tactics and exploiting new vulnerabilities. Although the reduction and recovery from ransomware incidents is a positive sign, it is still a serious threat that must not be overlooked.

Picture of Ahmed Khanji
Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. He is recognised for his insights into offensive security and emerging technologies such as blockchain, and often contributes to broader cybersecurity conversations across the country. With an extensive background as a security advisor to major Australian enterprises, Ahmed helps organisations navigate the evolving threat landscape with clarity and confidence.

Related Articles​

What Is a Managed Security Service Provider (MSSP)?

Managed Security vs In-House Security Team: Which Makes More Sense for Your Business?

How to Build a Cyber Incident Response Plan for Your Australian Business

Our services

We partner deeply with clients to understand their needs, working closely and iteratively to provide robust, best-in-class security solutions

Learn more about the team at forefront of the Australian Cyber Security scene.

Gridware team
Learn more about our renowned partners and awards.

Expert penetration testing

Incident investigation & remediation

Governance, Audits & Strategy

Simulate real attacks

Security-as-a-service

24x7x365 Security Operations Centre

Comprehensive & proactive security

Harness the benefits of cloud technology

End-to-end security suite

Swift, expert-led incident resolution

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Resources

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

RSPCA logo
Nikon logo

Download our Cyber Governance Factsheet

Network Penetration Testing

Get a quote

Please fill out the form so we accurately can quote your project:

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.

Download our Incident Response Factsheet