One in three cyberattacks carried out in 2023 targeted Europe. The countries most affected were the United Kingdom, Germany and Denmark. Never before have so many regional attacks been reported in a single year. That's according to IBM's X-Force Threat Intelligence Index 2024 (1).
One-third of cyber attacks (31 percent) took place in Europe last year. The U.S. and Asia accounted for about a quarter of the attacks, 26 percent and 23 percent, respectively. Latin America and the Middle East were the least favored by hackers: of all reported cyber attacks, 12 percent and 7 percent of hacking attacks took place in these regions, respectively.
Looking within Europe, the United Kingdom is the favorite target for a cyber attack. More than a quarter of all reports (27 percent) come from this country. Other European countries high on the hacker victim list are Germany (15 percent), Denmark (14 percent), Portugal (11 percent), Italy and France (both 8 percent).
Nearly three-quarters of all cyber attacks in Europe (74 percent) targeted critical infrastructure, such as drinking water supplies, power plants and Internet service providers (ISPs). In percentage terms, the energy sector had the highest number of incidents, at 43 percent. The financial and insurance sectors had 37 percent. Cyber attacks on critical infrastructure are particularly dangerous because they can severely disrupt society (2).
Of all the regions, Europe suffered the most frequently from ransomware. Hackers use this hostage software to encrypt files and put them in a kind of digital vault. The only way to regain access to this data is by using a decryption key. Victims don't just get these, however: to do so, they must pay a ransom to the attackers. Companies and organizations are increasingly choosing not to pay a ransom, with the risk that the captured data will be made public or sold. Despite the risks, the number of ransomware attacks dropped nearly 12 percent worldwide last year.
In addition to malware, hackers increasingly used employee login credentials to carry out attacks last year. User names and passwords are mostly from data breaches that have previously taken place elsewhere. Datasets containing such data can be purchased through illegal forums on the dark web.
Providing access with valid login credentials puts businesses and organizations in a quandary. It is difficult for IT professionals to distinguish between legitimate and rogue users. Consequently, the response time to detect malicious user activity on the corporate network averaged 11 months in 2023.
According to the researchers, the number of attacks increased 71 percent worldwide in one year. One-third of cyber incidents (32 percent) involved the capture of confidential or privacy-sensitive data. According to IBM, hackers prefer to steal and sell data rather than extort victims.
The X-Force Threat Intelligence Index 2024 states that 85 percent of attacks on companies and organizations operating in critical infrastructure could have been contained through sound update policies, enabling multifactor authentication and adopting the least privileged principle.
At the same time, the research team warns that in the future, hackers and cybercriminals will more often use generative AI to optimize their tactics. Therefore, it is critical that companies and organizations invest now in the secure and responsible use of artificial intelligence. Furthermore, IBM recommends that corporate networks be regularly stress- or pen-tested, implement network segmentation(zero trust policy), invest in employee training to increase the organization's digital resilience, and establish protocols to mitigate the impact of security incidents.
https://www.ibm.com/reports/threat-intelligence
https://www.vpngids.nl/nieuws/nctv-verwacht-het-onverwachte/
