Express Computer
Ransomware Activity Doubles in Transportation and Shipping Industry

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released The Threat Report: Fall 2022 from its Advanced Research Center, home to the world’s most elite security researchers and intelligence experts. The latest report analyzes cybersecurity trends from the third quarter of 2022.

The report includes evidence of malicious activity linked to ransomware and nation-state-backed advanced persistent threat (APT) actors. It examines malicious cyber activity including threats to email, the malicious use of legitimate third-party security tools, and more. Key findings:

U.S. Ransomware Activity Leads the Pack: In the U.S. alone, ransomware activity increased 100% quarter over quarter in transportation and shipping. Globally, transportation was the second most active sector (following telecom). APTs were also detected in transportation more than in any other sector.

Germany Saw the Highest Detections: Not only did Germany generate the most threat detections related to APT actors in Q3 (29% of observed activity), but it also had the most ransomware detections. Ransomware detections rose 32% in Germany in Q3 and generated 27% of global activity.

Emerging Threat Actors Scaled: The China-linked threat actor, Mustang Panda, had the most detected threat indicators in Q3, followed by Russian-linked APT29 and Pakistan-linked APT36.

Ransomware Evolved: Phobos, a ransomware sold as a complete kit in the cybercriminal underground, has avoided public reports until now. It accounted for 10% of global detected activity and was the second most used ransomware detected in the US. LockBit continued to be the most detected ransomware globally, generating 22% of detections.

Old Vulnerabilities Continued to Prevail: Years-old vulnerabilities continue to be successful exploitation vectors. Trellix observed the Microsoft Equation Editor vulnerabilities CVE-2017-11882, CVE-2018-0798, and CVE-2018-0802 to be the most exploited among malicious emails received by customers during Q3.

Malicious Use of Cobalt Strike: Trellix saw Cobalt Strike used in 33% of observed global ransomware activity and in 18% of APT detections in Q3. Cobalt Strike, a legitimate third-party tool created to emulate attack scenarios to improve security operations, is a favorite tool of attackers who repurpose its capabilities for malicious intent.

“So far in 2022, we have seen unremitting activity out of Russia and other state-sponsored groups,” said John Fokker, Head of Threat Intelligence, Trellix. “This activity is compounded by a rise in politically motivated hacktivism and sustained ransomware attacks on healthcare and education. The need for increased inspection of cyber threat actors and their methods has never been greater.”

The Threat Report: Fall 2022 leverages proprietary data from Trellix’s sensor network, investigations into nation-state and ransomware activity by the Trellix Advanced Research Center, and open-source intelligence. Telemetry related to the detection of threats is used for this report. A detection is recorded when a file, URL, IP address, suspicious email, network behavior, or other indicator is detected and reported via the Trellix XDR platform.
