Business Email Compromise Soars to Top Cyberthreat, Cisco Talos Warns

A recent report by Cisco Talos Incident Response (IR) reveals a disturbing trend: Business Email Compromise (BEC) scams have become the number one cyberthreat (Q1 2024).

BEC Attacks on the Rise

The report highlights a significant surge in BEC attacks, accounting for a whopping 46% of all Cisco Talos IR engagements in the first quarter. This sharp increase from the previous quarter indicates a growing threat landscape where cybercriminals are increasingly targeting employees through impersonation tactics to steal money or sensitive data.

MFA Weaknesses Exposed

The report also raises concerns about vulnerabilities in Multi-Factor Authentication (MFA). Researchers discovered a new phishing kit, Tycoon 2FA, capable of bypassing MFA safeguards. This emphasizes the importance of proper MFA implementation to bolster security measures.

New Ransomware Variants Emerge

While ransomware incidents saw a decrease (17% of engagements), the report identified new variants of Phobos and Akira ransomware alongside established threats like LockBit and Black Basta. This highlights the continuous evolution of the ransomware landscape.

Manufacturing Sector Targeted

The manufacturing industry remains a prime target for cyberattacks, accounting for 21% of all incidents. This sector faces unique challenges due to its low tolerance for downtime, making it a lucrative target for financially motivated attacks like BEC and ransomware.

Credential Compromise a Major Entry Point

The report identifies compromised credentials on valid accounts as the most frequent method for attackers to gain initial access (29% of cases). This underscores the critical need for strong password hygiene and implementing additional security measures beyond basic passwords.

Cisco Offers Security Solutions

Fady Younes, Managing Director for Cybersecurity at Cisco Middle East & Africa, emphasizes the importance of a comprehensive cybersecurity strategy. Cisco offers a range of security solutions, including MFA and Endpoint Detection and Response (EDR), to combat these evolving threats.

How to Stay Protected

• Educate Employees: Train employees to recognize phishing attempts and BEC scams.
• Enforce Strong MFA: Implement robust Multi-Factor Authentication and enforce its use across all accounts.
• Deploy EDR Solutions: Utilize Endpoint Detection and Response (EDR) solutions to detect and respond to malicious activity on your network.
• Consider Cisco Security Solutions: Explore Cisco security solutions like Duo and Cisco Secure Endpoint for enhanced protection against cyberattacks.

By staying vigilant and implementing these security measures, businesses can significantly reduce the risk of falling victim to cyberattacks and safeguard their valuable data.