ChannelLife New Zealand - Industry insider news for technology resellers

CyberCX report reveals long detection time for espionage

Yesterday

CyberCX has released its 2025 Threat Report revealing significant trends in the cyber landscape, including prolonged detection times for espionage incidents.

Analysis based on information from CyberCX's Digital Forensics and Incident Response (DFIR) team for 2024 shows that business email compromise (BEC) remains a prevalent threat. The report indicates that espionage-related incidents now take an average of more than 400 days to discover, compared to 390 days in 2023. In contrast, financially motivated cyber attacks have a considerably lower average detection time of 24 days.

Among reported incidents, 75% of BEC attacks involved techniques that circumvented multi-factor authentication (MFA). This marks a stark rise from 10% in 2022, indicating an increased capability of adversaries to bypass conventional security measures using phishing kits capable of session hijacking, or "Adversary-in-the-Middle" attacks.

The healthcare sector was identified as the most impacted industry, constituting 17% of incidents, with the financial services and education sectors following at 11% and 8%, respectively. These sectors often retain large volumes of sensitive personal data, increasing their vulnerability and appeal to cybercriminals.

Financial motivations remained the leading driver for cyber incidents, accounting for 65% of cases. The motivations behind 27% of incidents were not identified, while 5% were attributed to espionage.

Ransomware-only cyber extortion incidents have risen sharply, now accounting for 38% of incidents in 2024 compared to 13% in 2023. Concurrently, there has been a drop in data theft extortion-only scenarios, from 27% in 2023 to 9% in 2024.

The report also highlights that around 25% of data theft victims who opted not to pay a ransom never had their stolen data advertised on the dark web, raising questions about the fate of such data post-breach.

Hamish Krebs, Executive Director of Digital Forensics and Incident Response at CyberCX, commented on the findings: "Despite the best efforts of defenders over the past 12 months, the global cyber threat landscape has continued to deteriorate as adversaries evolve their tactics and up the tempo of attacks."

He further added, "Malicious actors are moving into your cloud infrastructure more than ever before, cyber extortion groups continue to iterate their foul business despite well publicised disruption by global law enforcement, and the widespread deployment of tools like Endpoint Detection and Response (EDR) is driving changes to the way adversaries compromise networks. MFA is not enough, Managed Service Providers (MSP) are still a weak point, and legacy infrastructure sticks out like a sore thumb when it comes to an organisation's security posture."

Krebs emphasised the importance of adapting to evolving threats, saying, "The CyberCX 2024 Threat Report reflects the hard-learned insights from incidents we responded to in 2024. Our hope is that what we have seen can help organisations and security teams better understand the threat landscape and bolster their cyber defences by allocating their limited resources to match the changing tactics of attackers."
