Blackpoint Cyber logo


© 2024 Blackpoint Cyber. All rights reserved.


Download Full Report

Blackpoint Cyber’s Annual Threat Report

Who should your Security team be ready to combat?  

Executive Summary 


Blackpoint Cyber logo

Reporting Period: December 2022-November 2023 

Leveraging Blackpoint’s 24/7 SOC and threat research conducted by the APG, Blackpoint Cyber’s annual threat report showcases two distinct features rooted in our unique experiences: 

Blackpoint’s report is predominantly based on internal data sources, ensuring a high level of authenticity and relevance to our operations. The inclusion of external sources, specifically Ransomwatch, is limited and strategically employed only in the context of ransomware analysis. This approach highlights our SOC’s proven track record in preemptively neutralizing ransomware actors, preventing them from achieving successful entry and ransom deployment. 

The most common tactic encountered by Blackpoint’s SOC is initial access attempts by threat actors. Our team’s effectiveness in quickly neutralizing threats at this initial stage sets us apart. While other organizations may have differing data on popular threat actor tactics, our findings are significantly influenced by our SOC’s unparalleled capability to contain threats swiftly and efficiently, 24/7. 

Cloud Security Trends & Insights 

The majority of cyberthreats reside in the cloud now. The threat landscape has expanded, and cloud platforms are primary targets for cyberattacks. Are you prepared?

With Cloud Response for Microsoft 365 and Google Workspace, you can be. From December 2022 to November 2023, an overwhelming 78.78% of all incidents Blackpoint addressed were related to cloud security. In this report, you’ll learn about threat actors’ tactics for attacking cloud environments, as well as how to combat them.

Industry-Specific Threat Analysis 

Over the last year, five industries encountered more attempted cyberattacks than all other Blackpoint partners and end clients. They were: 

Who should your Sales team be going after in 2024? 

Top 5 Threat Actors Encountered 

Download Full Report

Get Blackpoint Cyber’s Annual Threat Report 


As an MSP, your role in safeguarding SMBs from these escalating threats is pivotal. Download the report to gain access to: 

  • Comprehensive threat intelligence from security experts on the front lines 
  • Trends and insights to shape your security strategy 
  • Best practices to bolster your customers’ hybrid environments

Annual Threat Report Highlights

Not sure if you need to add cloud security to your stack?

78.78% of Blackpoint incidents were cloud related. 

Does your team or customers find unique passwords and MFA to be a hassle?

Business email compromise attempts rose 210% on average.

Wondering if Managed Detection, Response and Remediation is for you?

See how an MDR+R detains initial access attempts 24/7/365, leading to an ongoing success rate of stopping ransomware actors.

Data Source Integrity

Initial Access Focus


Almost half of ransomware attacks in the last year were attributed to LockBit.  

64% increase

There was a 64% increase in ransomware attacks using double extortion. 

of Blackpoint’s responses on endpoint devices were initial access attempts.  


Cyberthreat Landscape Overview 


Business Services


Financial Services






RedLine Stealer

David Rushmer, Director of Threat Research

David’s career began with developing and operating large-scale analytical platforms aimed at providing cyber defense. His focus then shifted to defensive research and operations, leading him to join the Blackpoint team. As the leader of APG, David provides threat intel, analyzes attack vectors, and aids with product development.

Connect with David on 

Derick Peterson, Threat Analyst 

Derick is part of the APG and focuses on threat analysis and reverse engineering. He has over a decade of IT and cybersecurity experience, with his career rooted in the US Army and continued involvement in the US Army Reserve, serving as a Host Analyst on a Cyber Protection Team. At Blackpoint, he investigates unknown threats, develops new detection solutions, and more.

Connect with Derick on

Predictions for 2024... 

Combating dominant threat actors’ tactics and protecting vulnerable industries may be more within your grasp than you think.

• Artificial Intelligence will be used to sophisticate cyberthreats 

• Sophisticated threat actors will utilize LolBins and RMM tools 

and more!

Blackpoint Cyber’s first Annual Threat Report covers the threat landscape from December 2022 to November 2023, through the lens of our 24/7 Security Operations Center (SOC). It is based primarily on our internal data, which has been interpreted and contextualized by the Adversary Pursuit Group (APG).