Artificial Intelligence
IBM Report: Ransomware Persisted Despite Improved Detection in 2022
IBM (NYSE: IBM) Security today released its annual X-Force Threat Intelligence Index finding that although ransomware’s share of incidents declined only slightly (4 percentage points) from 2021 to 2022, defenders were more successful detecting and preventing ransomware. Despite this, attackers continued to innovate with the report showing the average time to complete a ransomware attack dropped from 2 months down to less than 4 days.
According to the 2023 report, the deployment of backdoors, which allow remote access to systems, emerged as the top action by attackers last year. About 67% of those backdoor cases related to ransomware attempts, where defenders were able to detect the backdoor before ransomware was deployed. The uptick in backdoor deployments can be partially attributed to their high market value. X-Force observed threat actors selling existing backdoor access for as much as $10,000, compared to stolen credit card data, which can sell for less than $10 today.
“The shift towards detection and response has allowed defenders to disrupt adversaries earlier in the attack chain – tempering ransomware’s progression in the short term,” said Charles Henderson, Head of IBM Security X-Force. “But it’s only a matter of time before today’s backdoor problem becomes tomorrow’s ransomware crisis. Attackers always find new ways to evade detection. Good defense is no longer enough. To break free from the never-ending rat race with attackers, businesses must drive a proactive, threat-driven security strategy.”
The IBM Security X-Force Threat Intelligence Index tracks new and existing trends and attack patterns – pulling from billions of datapoints from network and endpoint devices, incident response engagements and other sources.
Some of the key findings in the 2023 report include:
- Extortion: Threat Actors Go-to Method. The most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Europe was the most targeted region for this method, representing 44% of extortion cases observed, as threat actors sought to exploit geopolitical tensions.
- Cybercriminals Weaponize Email Conversations. Thread hijacking saw a significant rise in 2022, with attackers using compromised email accounts to reply within ongoing conversations posing as the original participant. X-Force observed the rate of monthly attempts increase by 100% compared to 2021 data.
- Legacy Exploits Still Doing the Job. The proportion of known exploits relative to vulnerabilities declined 10 percentage points from 2018 to 2022, due to the fact that the number of vulnerabilities hit another record high in 2022. The findings indicate that legacy exploits enabled older malware infections such as WannaCry and Conficker to continue to exist and spread.
Extortion Pressure Applied (Unevenly)
Cybercriminals often target the most vulnerable industries, businesses, and regions with extortion schemes, applying high psychological pressure to force victims to pay. Manufacturing was the most extorted industry in 2022, and it was the most attacked industry for the second consecutive year. Manufacturing organizations are an attractive target for extortion, given their extremely low tolerance for down time.
Ransomware is a well-known method of extortion, but threat actors are always exploring new ways to extort victims. One of the latest tactics involves making stolen data more accessible to downstream victims. By bringing customers and business partners into the mix, operators increase pressure on the breached organization. Threat actors will continue experimenting with downstream victim notifications to increase the potential costs and psychological impact of an intrusion – making it critical that businesses have a customized incident response plan that also considers the impact of an attack on downstream victims.
Thread Hijacking on the Rise
Email thread hijacking activity surged last year, with monthly attempts by threat actors doubling compared to 2021 data. Over the year, X-Force found that attackers used this tactic to deliver Emotet, Qakbot, and IcedID, malicious software that often results in ransomware infections.
With phishing being the leading cause of cyberattacks last year, and thread hijacking’s sharp rise, it’s clear that attackers are exploiting the trust placed in email. Businesses should make employees aware of thread hijacking to help reduce the risk of them falling victim.
Mind the Gap: Exploit “R&D” Lagging Vulnerabilities
The ratio of known exploits to vulnerabilities has been declining over the last few years, down 10 percentage points since 2018. Cybercriminals already have access to more than 78,000 known exploits, making it easier to exploit older, unpatched vulnerabilities. Even after 5 years, vulnerabilities leading to WannaCry infections remain a significant threat. X-Force recently reported an 800% increase in WannaCry ransomware traffic within MSS telemetry data since April 2022. The continued use of older exploits highlights the need for organizations to refine and mature vulnerability management programs, including better understanding their attack surface and risk-based prioritization of patches.
Additional findings from the 2023 report include:
- Phishers “Give Up” on Credit Card Data. The number of cybercriminals targeting credit card information in phishing kits dropped 52% in one year, indicating that attackers are prioritizing personally identifiable information such as names, emails, and home addresses, which can be sold for a higher price on the dark web or used to conduct further operations.
- North America Felt Brunt of Energy Attacks. Energy held its spot as the 4th most attacked industry last year, as global forces continue to affect an already tumultuous global energy trade. North American energy organizations accounted for 46% of all energy attacks observed last year, a 25% increase from 2021 levels.
- Asia Tops the Target List. Accounting for nearly one-third of all attacks that X-Force responded to in 2022, Asia saw more cyberattacks than any other region. Manufacturing accounted for nearly half of all cases observed in Asia last year.
The report features data IBM collected globally in 2022 to deliver insightful information about the global threat landscape and inform the security community about the threats most relevant to their organizations. You can download a copy of the 2023 IBM Security X-Force Threat Intelligence Report here.
Additional sources
Artificial Intelligence
JupiterOne and watchTowr announce partnership to protect business critical assets with broad exposure management capabilities
SINGAPORE, May 2, 2024 /PRNewswire/ — watchTowr, a leader in external attack surface management (EASM) technology and fuelled by watchTowr Labs, a renowned vulnerability R&D capability, has formed a strategic partnership with JupiterOne. JupiterOne is a leader in cyber asset attack surface management (CAASM) technology. This collaboration enables customers to rapidly prioritize emerging threats within their constantly changing environments, focusing on fixing the most critical risks impacting their business, which enables an end-to-end continuous threat exposure management process (CTEM).
Over 28,000 CVE records were published in 2023; a figure that is expected to increase as attackers shorten the time from known vulnerability to exploit, reducing it from weeks to days. JupiterOne and watchTowr’s integrated solution empowers enterprises to discover their most critical and exploitable vulnerabilities, prioritize them with asset context based on business impact and receive an actionable remediation plan to improve security posture.
This partnership enables a complete continuous threat exposure management program, addressing the full spectrum of cyber risk management. The fully integrated solution provides continuous monitoring and assessment of both internal and external digital assets, allowing for prioritization and effective threat mitigation for a business’s most critical assets. “Our partnership with watchTowr is a game-changer” said Forte. “Combining our data aggregation with real-time asset discovery and automated security testing allows us to offer a unique, all-encompassing approach to exposure management.”
Benjamin Harris, CEO, watchTowr, said, “While the number of reported vulnerabilities continues to rise, the vulnerabilities that matter – in mission-critical, key systems – have exploded at an alarming rate. This reality, combined with the significant shift in speed by attackers to weaponize vulnerabilities – the ability to validate exploitability and prioritise actions based on real business risk has never been more vital. We’re excited to join forces with JupiterOne to give security teams around the globe this much-needed end-to-end capability.”
About JupiterOne:
JupiterOne is a cybersecurity startup delivering powerful software solutions to companies across all industries, providing deep insights to cyber assets and the relationships between, empowering security professionals to have true knowledge and ownership of their attack surfaces.
About watchTowr:
watchTowr is a global cybersecurity technology company, built by former adversaries.
watchTowr’s world-class External Attack Surface Management and Continuous Automated Red Teaming technology is informed by years of experience compromising some of the world’s most targeted organisations and utilised by Fortune 500, financial services and critical infrastructure providers every day.
Photo – https://mma.prnewswire.com/media/2401497/watchTowr_JupiterOne.jpg
View original content:https://www.prnewswire.co.uk/news-releases/jupiterone-and-watchtowr-announce-partnership-to-protect-business-critical-assets-with-broad-exposure-management-capabilities-302132392.html
LONDON, May 1, 2024 /PRNewswire/ — Clarivate Plc (NYSE: CLVT; CLVT PR A) (“Clarivate”), a leading global provider of transformative intelligence, today announced that its board of directors declared a quarterly dividend of $1.3125 per share on its 5.25% Series A Mandatory Convertible Preferred Shares (the “Preferred Shares”), payable in cash on June 3, 2024 to shareholders of record at the close of business on May 15, 2024.
On the mandatory conversion date, which is scheduled to occur on June 3, 2024, each Preferred Share will automatically and mandatorily convert into a number of ordinary shares of Clarivate (and cash in lieu of any fractional ordinary shares) based on the average volume weighted average price (“VWAP”) of Clarivate’s ordinary shares over a 30-trading day period that begins on, and includes, April 18, 2024 and is scheduled to end on, and include, May 30, 2024 (the “valuation period”). If such VWAP is (i) greater than $31.20, then the mandatory conversion rate will be 3.2052 ordinary shares of Clarivate per Preferred Share, (ii) less than or equal to $31.20 but equal to or greater than $26.00, then the mandatory conversion rate will be a number of ordinary shares of Clarivate per Preferred Share equal to $100.00 divided by such VWAP and (iii) less than $26.00, then the mandatory conversion rate will be 3.8462 ordinary shares of Clarivate per Preferred Share. The mandatory conversion rate will be announced following the end of the valuation period. The above description of the terms of the Preferred Shares is not complete and is subject to, and qualified in its entirety by reference to, the “Statement of Rights” for the Preferred Shares, which is filed as Exhibit 3.2 to Clarivate’s annual report on Form 10-K for the fiscal year ended December 31, 2023.
Cautionary Note Regarding Forward-Looking Statements
This communication contains “forward-looking statements” as defined in the Private Securities Litigation Reform Act of 1995. These statements, which express management’s current views concerning future business, events, trends, contingencies, financial performance, or financial condition, appear at various places in this communication and may use words like “aim,” “anticipate,” “assume,” “believe,” “continue,” “could,” “estimate,” “expect,” “forecast,” “future,” “goal,” “intend,” “likely,” “may,” “might,” “plan,” “potential,” “predict,” “project,” “see,” “seek,” “should,” “strategy,” “strive,” “target,” “will,” and “would” and similar expressions, and variations or negatives of these words. Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based only on management’s current beliefs, expectations, and assumptions regarding the future of our business, future plans and strategies, projections, anticipated events and trends, the economy, and other future conditions. These forward-looking statements involve a number of risks and uncertainties (some of which are beyond our control) or other assumptions that may cause actual results or performance to be materially different from those expressed or implied by these forward-looking statements. Important factors that could cause our actual results and financial condition to differ materially from those indicated in the forward-looking statements include those factors discussed under the caption “Risk Factors” in our annual report on Form 10-K, along with our other filings with the U.S. Securities and Exchange Commission (“SEC”). However, those factors should not be considered to be a complete statement of all potential risks and uncertainties. Additional risks and uncertainties not known to us or that we currently deem immaterial may also adversely affect our business operations. Forward-looking statements are based only on information currently available to our management and speak only as of the date of this communication. We do not assume any obligation to publicly provide revisions or updates to any forward-looking statements, whether as a result of new information, future developments or otherwise, except as otherwise required by securities and other applicable laws. Please consult our public filings with the SEC or on our website at www.clarivate.com.
About Clarivate
Clarivate™ is a leading global provider of transformative intelligence. We offer enriched data, insights & analytics, workflow solutions and expert services in the areas of Academia & Government, Intellectual Property and Life Sciences & Healthcare. For more information, please visit www.clarivate.com.
Logo – https://mma.prnewswire.com/media/1159266/Clarivate_Logo.jpg
View original content:https://www.prnewswire.co.uk/news-releases/clarivate-declares-dividend-on-mandatory-convertible-preferred-shares-302133633.html
BEIJING, May 1, 2024 /PRNewswire/ — Focusing on the development of AI, the third CMG Forum was held on Monday in Beijing.
Li Shulei, a member of the Political Bureau of the Communist Party of China (CPC) Central Committee and the head of the Publicity Department of the CPC Central Committee, attended the opening of the event and delivered a speech.
Guests at the forum stressed the role of media in promoting the innovative application of AI as well as its governance.
Efforts should also be made to boost the development of AI in creating positive, healthy, diverse and high-quality content, so that AI can become a force for good and benefit mankind, they agreed.
They also called on media to accelerate intelligent transformation and help bridge international exchanges and cooperation on the governance of AI to facilitate its healthy, orderly and safe development.
Hosted by China Media Group (CMG), the forum attracted more than 200 participants from international organizations, media, think tanks and multinational companies.
“Innovation and breakthroughs in science and technology not only guide the development and progress of human civilization, but also bring uncertainty to the changing world,” said Shen Haixiong, vice minister of the Publicity Department of the CPC Central Committee and president of CMG. He called for efforts to jointly create valuable and responsible artificial intelligence.
AI technology is affecting every aspect of our lives. Thomas Bach, president of the International Olympic Committee (IOC), stated in a video speech that CMG has always been a partner of the IOC, bringing the charm of the Olympic Games to hundreds of millions of Chinese viewers. He said the IOC invites CMG to work together for the creation of a future with the application of AI in Olympic sports.
“From ancient inventions such as silk, printing and the compass to modern technological advances such as robotics, telecommunications and green technology, China has always been committed to innovation and creation,” said Daren Tang, director general of the World Intellectual Property Organization (WIPO). He said WIPO pays close attention to ensuring a balance between the opportunities and risks of artificial intelligence and is committed to strengthening cooperation to ensure that artificial intelligence is properly used.
https://news.cgtn.com/news/2024-04-30/3rd-CMG-Forum-in-Beijing-discusses-AI-development-1tdDcXvCexG/p.html
View original content:https://www.prnewswire.co.uk/news-releases/cgtn-3rd-cmg-forum-in-beijing-discusses-ai-development-302133410.html
-
Uncategorized7 days agoCherrypicks Partners with AWS DevAx Leading Cloud Technology Innovation for Hong Kong Enterprises
-
Artificial Intelligence6 days agoHikvision redefines urban mobility with AIoT-powered solutions at Intertraffic 2024
-
Artificial Intelligence6 days agoHITACHI ACQUIRES MA MICRO AUTOMATION OF GERMANY IN EFFORT TO ACCELERATE GLOBAL EXPANSION OF ROBOTIC SI BUSINESS IN THE MEDICAL AND OTHER FIELDS
-
Artificial Intelligence6 days agoWeb O.No: Metaverse and Web 3.0 stunted by internet chaos, warn 87% of business leaders
-
Artificial Intelligence6 days ago
Greater efforts urged on sci-tech cooperation
-
Artificial Intelligence5 days agoCognitive Security Market Projected to Reach $134.26 billion by 2030 – Exclusive Report by 360iResearch
-
Uncategorized6 days ago
Xiao-I Corporation to Announce Full Year 2023 Results
-
Artificial Intelligence5 days ago
IBM, Government of Canada, Government of Quebec Sign Agreements to Strengthen Canada’s Semiconductor Industry
