Telecommunication companies the main target of cyber attacks in 2024

Telecommunication companies the main target of cyber attacks in 2024

Telecommunication companies the main target of cyber attacks in 2024

Telecommunications companies, mass media and construction firms are the main targets of cyber attacks in the first half of 2024, the company claims Kaspersky. Telecommunication companies have faced the highest number of attacks, which is the result of attackers’ interest in exploiting sensitive data and trust relationships.

Also, the mass media is traditionally a target during international conflicts, while construction firms are attractive targets of attack due to their extensive use of subcontractors.

According to Kaspersky Managed Detection and Response (MDR) statistics for the period January-June 2024, 284 cyber incidents were recorded in the telecommunications sector for every 10,000 systems. Mass media experienced 180 attacks for every 10,000 systems, while the construction, food processing and industrial sectors recorded 179, 122 and 121 incidents, respectively.

“A successful attack, especially an advanced one, against a telecommunications company can compromise the data of millions of customers, including contact information, social security numbers and credit card information. It can also serve as a springboard for further attacks on users through the exploitation of confidential relationships. This is why this sector is so attractive to cybercriminals. Also, the mass media are becoming an increasingly frequent target during international conflicts, which are often marked by information warfare in which they play a key role. Finally, construction firms have significant cash flows and rely on subcontractors, making them vulnerable to attacks via trusted partner infrastructure and targeted phishing.” explains Sergej Soldatov, Head of Managed Detection and Response at Kaspersky.

cyber security (Unsplash)

Critical incidents

Telecommunications companies also face the highest average number of critical incidents, with 32 attacks per 10,000 systems. “Critical incidents are human-driven attacks or malware threats that have a potential or actual significant impact on a company’s infrastructure,” explains Sergej Soldatov. The IT industry is in second place with an average of almost 12 critical incidents, while the government sector recorded an average of eight critical incidents in the first half of 2024.

Globally, the number of cyber incidents has remained relatively stable, with a slight decline. Organizations are looking to strengthen their cyber security measures after a rise in attacks between 2021 and 2022. Improved approaches such as vulnerability assessments and penetration tests have improved overall security. “Cyber ​​attacks usually reflect global conflicts, especially those driven by human factors. The increased number of threats in 2021 and 2022 has led to increased vigilance when it comes to cyber security in businesses and organizations across various fields, resulting in higher levels of security as organizations learn from past experiences,” added Sergej Soldatov. To protect companies from cyber threats, Kaspersky recommends the following measures:

  • Install Managed Detection and Response (MDR) for proactive threat scanning
  • To ensure that the infrastructure is not compromised, periodically conduct a threat assessment, and in case of clear evidence of a cyber attack, initiate an incident response.
  • SOC consulting services can help you build your own internal security operations.
  • Give your security operations team access to the latest threat information (TI). Kaspersky threat information portal is a single point of access for the company’s threat information, providing cyber attack data and insights collected by Kaspersky over a period of 20 years.
  • Train your cybersecurity team to tackle the latest targeted threats with Kaspersky Expert Training (xTraining) developed by GReAT experts.
  • In addition to adopting basic endpoint protection, implement an enterprise-grade security solution that detects advanced network-level threats at an early stage, such as Kaspersky Anti Targeted Attack Platform.
  • Since many targeted attacks start with phishing or other social engineering techniques, introduce security awareness training and teach your team practical skills – for example, through the Kaspersky Automated Security Awareness Platform.

Source: BIZLife

Photo: Pixabay, Unsplash

Source: bizlife.rs