Cyber Security

Expel Releases Annual Great eXpeltations Report

Threat report breaks down the biggest attack trends of 2022 and shares predictions for the year ahead

Expel, the security operations provider that aims to make security easy to understand, use and improve, today released Great eXpeltations 2023: Cybersecurity trends and predictions, its annual report that outlines some of the most significant threats and attack trends from 2022. Compiled using aggregated data from the Expel security operations center (SOC), the report provides insights and statistics on the most significant cybersecurity threats Expel customers faced, actionable recommendations on how organizations can protect themselves, and predictions on what to expect in the year ahead.

“The trends and data we saw in 2022 showed that identity fraud—in the many different forms it can take—were a top concern for our customers,” said Ben Brigida, director, SOC operations at Expel. “However, we also observed a 70% increase in cloud incidents. Cybercriminals continue to evolve their tactics. We hope the Great eXpeltations report helps defenders stay on top of the attack trends that can impact their businesses, as well as minimize risk in the year ahead.”

Here are some highlights from the report:

  • Identity threats: Business email compromise (BEC) remained the top threat to our customers, representing 50% of all incidents (consistent with findings from 2021). Fifty-three percent of all organizations experienced at least one BEC attempt.
  • Cloud securityCloud incidents increased 70% compared to 2021. Threat actors started moving away from authenticating via legacy protocols to bypass multi-factor authentication (MFA) in Microsoft 365. Instead, they adopted frameworks such as Evilginx2, facilitating adversary-in-the-middle (AiTM) phishing attacks to steal login credentials and session cookies for initial access and MFA bypass.
  • Ransomware: Eleven percent of incidents could have resulted in deployment of ransomware had we not intervened—a seven percentage point increase compared to 2021. As Microsoft continues making it easier for organizations to block macros in files downloaded from the internet, ransomware threat groups and their affiliates are abandoning their use of visual basic for application (VBA) macros and Excel 4.0 macros to gain initial entry to Windows-based environments. Instead, ransomware operators opt to use disk image (ISO), short-cut (LNK), and HTML application (HTA) files to gain initial entry.
  • Phishing: Eighty-eight percent of malicious email submissions were credential harvesters. Credential theft via phishing continues to grow with identity the main focus of today’s attacks.

For each of these attack trends, Expel’s SOC leadership team shares what they observed in 2022, how to detect and prepare for these threats, and what to expect for 2023.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

Perimeter 81 & AVANT to Expand SASE Solutions Access

Business Wire

ThreatHunter.ai Launches “FIRST EYES” Program

PR Newswire

HYAS Selected as a 2023 Digital Innovator by Intellyx

Business Wire