FOLLOW US
© 2024 Blackpoint Cyber. All rights reserved.
PRESENTED BY THE ADVERSARY PURSUIT GROUP
Blackpoint Cyber’s Annual Threat Report
Who should your Security team be ready to combat?
Executive Summary
Contributors
Reporting Period: December 2022-November 2023
Leveraging Blackpoint’s 24/7 SOC and threat research conducted by the APG, Blackpoint Cyber’s annual threat report showcases two distinct features rooted in our unique experiences:
Blackpoint’s report is predominantly based on internal data sources, ensuring a high level of authenticity and relevance to our operations. The inclusion of external sources, specifically Ransomwatch, is limited and strategically employed only in the context of ransomware analysis. This approach highlights our SOC’s proven track record in preemptively neutralizing ransomware actors, preventing them from achieving successful entry and ransom deployment.
The most common tactic encountered by Blackpoint’s SOC is initial access attempts by threat actors. Our team’s effectiveness in quickly neutralizing threats at this initial stage sets us apart. While other organizations may have differing data on popular threat actor tactics, our findings are significantly influenced by our SOC’s unparalleled capability to contain threats swiftly and efficiently, 24/7.
Cloud Security Trends & Insights
The majority of cyberthreats reside in the cloud now. The threat landscape has expanded, and cloud platforms are primary targets for cyberattacks. Are you prepared?
With Cloud Response for Microsoft 365 and Google Workspace, you can be. From December 2022 to November 2023, an overwhelming 78.78% of all incidents Blackpoint addressed were related to cloud security. In this report, you’ll learn about threat actors’ tactics for attacking cloud environments, as well as how to combat them.
Industry-Specific Threat Analysis
Over the last year, five industries encountered more attempted cyberattacks than all other Blackpoint partners and end clients. They were:
Who should your Sales team be going after in 2024?
Top 5 Threat Actors Encountered
Get Blackpoint Cyber’s Annual Threat Report
PRESENTED BY THE ADVERSARY PURSUIT GROUP
As an MSP, your role in safeguarding SMBs from these escalating threats is pivotal. Download the report to gain access to:
- Comprehensive threat intelligence from security experts on the front lines
- Trends and insights to shape your security strategy
- Best practices to bolster your customers’ hybrid environments
Annual Threat Report Highlights
Not sure if you need to add cloud security to your stack?
78.78% of Blackpoint incidents were cloud related.
Does your team or customers find unique passwords and MFA to be a hassle?
Business email compromise attempts rose 210% on average.
Wondering if Managed Detection, Response and Remediation is for you?
See how an MDR+R detains initial access attempts 24/7/365, leading to an ongoing success rate of stopping ransomware actors.
Data Source Integrity
Initial Access Focus
42.68%
Almost half of ransomware attacks in the last year were attributed to LockBit.
64% increase
There was a 64% increase in ransomware attacks using double extortion.
of Blackpoint’s responses on endpoint devices were initial access attempts.
95%
Cyberthreat Landscape Overview
Technology
Business Services
Healthcare
Financial Services
Manufacturing
BlackCat
LockBit
Qakbot
Akira
RedLine Stealer
David Rushmer, Director of Threat Research
David’s career began with developing and operating large-scale analytical platforms aimed at providing cyber defense. His focus then shifted to defensive research and operations, leading him to join the Blackpoint team. As the leader of APG, David provides threat intel, analyzes attack vectors, and aids with product development.
Connect with David on LinkedIn.
Derick Peterson, Threat Analyst
Derick is part of the APG and focuses on threat analysis and reverse engineering. He has over a decade of IT and cybersecurity experience, with his career rooted in the US Army and continued involvement in the US Army Reserve, serving as a Host Analyst on a Cyber Protection Team. At Blackpoint, he investigates unknown threats, develops new detection solutions, and more.
Connect with Derick on LinkedIn.
Predictions for 2024...
Combating dominant threat actors’ tactics and protecting vulnerable industries may be more within your grasp than you think.
• Artificial Intelligence will be used to sophisticate cyberthreats
• Sophisticated threat actors will utilize LolBins and RMM tools
• and more!
Blackpoint Cyber’s first Annual Threat Report covers the threat landscape from December 2022 to November 2023, through the lens of our 24/7 Security Operations Center (SOC). It is based primarily on our internal data, which has been interpreted and contextualized by the Adversary Pursuit Group (APG).