In the second quarter of 2024, ransomware and business email compromise (BEC) attacks constituted 60% of all cyber incidents, as reported by Cisco Talos. Technology was the most targeted sector, accounting for 24% of incidents, reflecting a 30% increase from the previous quarter. Attackers are focusing on tech firms as potential gateways to other industries. Retail, healthcare, pharmaceuticals, and education were also frequently targeted.
Compromised credentials were the most common initial access method. Vulnerable or misconfigured systems and insufficient MFA implementation were prevalent security weaknesses. Notably, 80% of ransomware attacks lacked proper MFA on critical systems. BEC attacks, while down from Q1, still made up 30% of cyber incidents, with threat actors using techniques like smishing and phishing emails to gain access and launch attacks. The rise in cyber incidents 2024 highlights the need for enhanced security measures.