Positive Technologies’ latest study on the Q3 2024 cybersecurity threatscape reveals that IT specialists are becoming prime targets for hackers, who use them as entry points for launching extensive cyberattacks, including supply chain breaches. Criminals exploited IT professionals’ access to critical systems through tactics like malware-laden ads, fake interviews, and public repository exploits.
The research highlights a 15% year-on-year increase in attacks on individuals and organizations during Q3. Among individuals, IT specialists accounted for 13% of targets, with malware being the most commonly used attack vector (72%). Hackers deployed Remote Access Trojans (RATs) such as AsyncRAT, XWorm, and SparkRAT, spreading them via package managers, public repositories, and fake websites mimicking popular network tools. Cybercriminals also used a technique called *Revival Hijack*, exploiting PyPI policy changes to hijack 22,000 packages and distribute malware to unsuspecting users.
Social engineering attacks were widespread, targeting individuals (92%) and organizations (50%), primarily through phishing emails (88%) and fake websites (73%). These attacks often led to data breaches (52%) and disruptions to core business operations (32%). Spyware like DeerStealer, Atomic Stealer, and Poseidon Stealer was distributed by manipulating search engine results to promote malicious websites.
Positive Technologies experts emphasize the need for robust, result-driven cybersecurity strategies. Organizations are urged to implement automated defense systems, monitor vulnerabilities using MaxPatrol VM, and use tools like PT Network Attack Discovery and PT Application Firewall to detect and prevent threats. Sandboxes are recommended for analyzing file behavior, while IT professionals should remain vigilant online, avoiding suspicious links and unverified downloads.
The study underscores the growing risks of cyberattacks targeting IT specialists, who serve as gateways to broader organizational vulnerabilities. By focusing on proactive cybersecurity measures, businesses can protect sensitive data, strengthen their defenses, and minimize the risks posed by increasingly sophisticated cybercriminal tactics.