Within the dynamic world of cybersecurity, 2023 marked a major shift, underscored by a 1760% enhance in Enterprise E mail Compromise (BEC) assaults. This startling revelation, detailed in Notion Level’s ‘2024 Annual Report: Cybersecurity Traits & Insights‘, factors to the rising sophistication of cyber threats. The Tel Aviv-based chief in superior electronic mail and workspace safety options highlights how Generative AI (GenAI) applied sciences have change into a device for risk actors, enabling them to craft intricate social engineering assaults which can be more and more troublesome to detect.
The previous 12 months’s cyber panorama was formed by the outstanding advances in GenAI, which malicious actors used to boost the size and complexity of their assaults. In 2022, BEC assaults constituted a mere 1% of all cyberattacks, however by 2023, they accounted for a staggering 18.6%.
Phishing continued to be the dominant cyber risk, accounting for over 70% of all assaults, with little change from the earlier 12 months. Nonetheless, quishing—a brand new type of risk exploiting QR codes—emerged, accounting for two.7% of all phishing makes an attempt. The belief positioned in QR codes has been manipulated by attackers, turning a easy scan into a major safety danger. In 2023, 1 out of each 18 QR codes despatched by way of electronic mail was malicious.
Moreover, the prevalence of two-step phishing assaults noticed a 175% enhance. These multi-stage assaults, more durable to detect as a result of their use of reputable companies and internet hosting websites, exploit the reputations of well-known domains, evading detection extra simply.
The report additionally highlights a 350% rise in account takeover (ATO) threats, the place reputable accounts are compromised after which utilized in extremely focused assaults. Model impersonation assaults additionally noticed a major enhance, with 55% of all such assaults in 2023 mimicking the focused worker’s group.
E mail remained the first assault vector, with 1 in 5 emails being malicious or spam. Menace actors expanded their horizons to focus on organizations by way of different means as effectively, with phishing assaults by way of internet browsers growing considerably and malware distribution in M365 Apps like OneDrive, SharePoint, and Groups accounting for 65% of assaults. Over 50% of assaults focused CRMs like Zendesk and Salesforce.
Yoram Salinger, CEO of Notion Level, emphasizes the affect of GenAI’s proliferation on organizational safety postures. He highlights the evolving nature of the trendy workspace, more and more reliant on cloud-based electronic mail, collaboration, and productiveness instruments accessible from any browser. Notion Level’s dedication to defending this contemporary workspace is obvious of their consolidated risk prevention resolution, which mixes multi-layered AI-powered detection with managed incident response companies.
Notion Level, a Prevention-as-a-Service firm, stands on the forefront of next-generation prevention, detection, and response to assaults throughout electronic mail, cloud collaboration apps, and internet browsers. Their cloud-native service, straightforward to deploy and handle, is designed to switch cumbersome legacy techniques. It prevents phishing, BEC, spam, malware, Zero-days, ATO, and different superior assaults, defending Fortune 500 enterprises and organizations globally.
This complete report by Notion Level presents invaluable insights into the evolving cyber risk panorama, underscoring the necessity for progressive safety options in an period the place GenAI and superior social engineering techniques have gotten the norm. You possibly can view the total report right here.
