Connect with us

Hi, what are you looking for?

HEADLINES

Kaspersky: Telecoms are prime targets for cyberattacks in 2024

In the telecommunications sector, there were 284 cybersecurity incidents per 10,000 systems, according to Kaspersky Managed Detection and Response (MDR) statistics for January-June 2024.

Telecom, mass media, and construction development companies are the top cyberattack targets in the first half of 2024, reports Kaspersky. Telecoms faced the greatest number of incidents, likely due to attackers’ interest in sensitive data and trusted relationships exploitation. In turn, mass media are traditionally targeted during international conflicts, while construction development firms may be also attractive for threat actors due to their extensive subcontractor use.

In the telecommunications sector, there were 284 cybersecurity incidents per 10,000 systems, according to Kaspersky Managed Detection and Response (MDR) statistics for January-June 2024. Mass media companies experienced 180 attacks per 10,000 systems, while the construction development, food and industrial sectors followed with 179, 122 and 121 incidents, respectively.

“A successful attack, especially an advanced one, on a telecom company can expose millions of customers’ records, including contact details, social security numbers, and credit card information. It can also serve as a possible springboard for further attacks on clients through trusted relationship exploitation. That’s why this sector is so attractive for cybercriminals. The mass media organizations, in turn, become an increasingly frequent target during international conflicts, which are often characterized by information warfare in which they play a crucial role. Last but not least, the construction development firms have significant cash flows and rely on subcontractors, making them vulnerable to attacks via trusted partners’ infrastructures and spear phishing,” explained Sergey Soldatov, head of Kaspersky Managed Detection and Response.

Telecommunication companies also faced the highest average number of critical incidents, with 32 attacks per 10,000 systems. “Critical incidents are human-driven attacks or malware threats that have a potential or actual significant impact on the company’s infrastructure,” explained Sergey Soldatov. The IT industry follows with nearly 12 average critical incidents, while government sector experienced eight average critical incidents in the first half of 2024.

Advertisement. Scroll to continue reading.

Globally, the number of cyber incidents has remained relatively stable, with a slight decrease. Organizations tend to strengthen their cybersecurity measures after the spike in attacks in 2021-2022. Enhanced approaches such as vulnerability assessments and penetration tests have improved overall security. “Cyberattacks typically mirror global conflicts, especially human-driven ones. The heightened threat landscape of 2021-2022 led to increased cybersecurity attention in enterprises and entities across various spheres, resulting in higher security levels as organizations learned from past experiences,” Sergey Soldatov added. To protect against cyberthreats to enterprises, Kaspersky recommends the following measures:

·        Implement Managed Detection and Response (MDR) to proactively seek out threats

·        To make sure infrastructure is not compromised, periodically conduct compromise assessment, and in case of clear evidence of a cyberattack, start incident response.

·        To build own internal security operations, SOC consulting services can help.

·         Provide your SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for the company’s TI, providing cyberattack data and insights gathered by Kaspersky spanning over 20 years.

Advertisement. Scroll to continue reading.

·         Upskill your cybersecurity team to tackle the latest targeted threats with Kaspersky Expert Training (xTraining)  developed by GReAT experts.

·         In addition to adopting essential endpoint protection, implement a corporate-grade security solution that detects advanced threats on the network level at an early stage, such as Kaspersky Anti Targeted Attack Platform.

·         As many targeted attacks start with phishing or other social engineering techniques, introduce security awareness training and teach practical skills to your team – for example, through the Kaspersky Automated Security Awareness Platform.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

In rigorous evaluations conducted by prestigious cybersecurity testing organizations, Kaspersky Plus (starting in Q4 2024, Kaspersky Premium), Kaspersky Endpoint Security for Business (KESB), and...

HEADLINES

"Given the Philippines' high exposure to cyber threats, it's important for both individuals and businesses to stay vigilant," said Adrian Hia, Managing Director for...

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

Advertisement