Arctic Wolf Threat Report Highlights Sharp Rise in Ransom Demands and BEC Incidents

Cybercriminals continue to exploit long-disclosed vulnerabilities for significant economic gains


EDEN PRAIRIE, Minn., Feb. 20, 2024 (GLOBE NEWSWIRE) -- Arctic Wolf®, a global leader in security operations, today published its annual Arctic Wolf Labs Threat Report. Insights from the report reveal a year filled with cybercrime groups significantly increasing ransom demands, continuing to exploit well-known vulnerabilities that pre-date 2023, and executing business email compromise (BEC) schemes on a massive scale.

Created with threat, malware, digital forensics, and incident response case data that Arctic Wolf collects across the entire security operations framework, the Arctic Wolf Labs Threat Report delves deep into the cybercrime ecosystem, highlighting current global threat trends and offering strategic cybersecurity recommendations for the year ahead. The report serves as a key resource for cybersecurity, IT, and business leaders looking to gain a deep understanding of the global cybercrime landscape so that they can better protect their organizations from advanced cyber threats.

“By helping to end cyber risk for thousands of customers around the globe, Arctic Wolf Labs has access to an unmatched amount of data that allows us to provide deep and differentiated insights about the cybercrime landscape for both security practitioners and business leaders alike,” said Mark Manglicmot, senior vice president of security services, Arctic Wolf. “Not only do our findings from this report provide valuable insights to the cybersecurity community, but they also serve as a direct input to the threat detection models contained within the Arctic Wolf Security Operations Cloud, ensuring we are able to defend our customers against cyber threats of all shapes and sizes.”

Key findings from the Arctic Wolf Labs Threat Report include:

  • The median initial ransom demand rose 20% year-over-year to $600,000; with Legal, Government, Retail, and Energy industries each seeing median demands of $1 million or more.
  • Despite BEC incidents outnumbering ransomware incidents by a factor of 10, a ransomware incident is 15 times more likely than a BEC incident to lead to an incident response investigation.
  • Vulnerabilities first disclosed in 2022 or earlier continue to account for nearly 60% of incidents where the root cause was the exploitation of an externally accessible system.
  • Manufacturing, Business Services, and Education/Non-Profit were the top three industries to appear on ransomware leak sites.

"The volume of cyber incidents continues to increase each year. As we enter 2024, the wide scale availability of AI tools has the potential to supercharge the ability of cybercriminals to successfully exploit vulnerabilities,” said Catherine Lyle, SVP of Cyber Claims & Incident Response at Tokio Marine HCC – Cyber & Professional Lines Group, a member of the Tokio Marine HCC group of companies based in Houston, Texas. “Resources like the Arctic Wolf Labs Threat Report assist carriers and businesses in understanding the current and future cybersecurity landscape. When used properly, this type of data can permit an organization to respond with appropriate vulnerability management, giving it a proven edge in safeguarding its sensitive systems and data. In turn, this makes it easier for the organization to mitigate any future harm by obtaining cyber insurance.”

Arctic Wolf Labs brings Arctic Wolf’s elite security researchers, data scientists, and security development engineers together with a unified goal to help end cyber risk for organizations around the globe. Leveraging the trillions of security events the Arctic Wolf Security Operations Cloud ingests, parses, enriches, and analyzes each week, Arctic Wolf Labs is responsible for deliver cutting-edge threat research on new and emerging adversaries and leveraging machine learning and artificial intelligence to create advance threat detection models that drive continuous improvement in the speed, scale, and detection efficacy of Arctic Wolf’s security operations solutions.

For additional insights from the 2024 Arctic Wolf Labs Threat Report, visit arcticwolf.com to download the full report.

Additional Resources:

About Arctic Wolf:
Arctic Wolf® is a global leader in security operations, enabling customers to manage their cyber risk in the face of modern cyber-attacks via a premier cloud-native security operations platform. The Arctic Wolf Security Operations Cloud ingests and analyzes more than 4.6 trillion security events a week to help enable cyber defense at an unprecedented capacity and scale, empowering customers of virtually any size across a wide range of industries to feel confident in their security posture, readiness, and long-term resilience. By delivering automated threat protection, response, and remediation capabilities, Arctic Wolf delivers world-class security operations with the push of a button so customers can defend their greatest assets at the speed of data.

Press Contact:
Reagan McAfee
Reagan.mcafee@arcticwolf.com
916-996-4969

© 2024 Arctic Wolf Networks, Inc., All Rights Reserved. Arctic Wolf, Arctic Wolf Platform, Arctic Wolf Security Operations Cloud, Arctic Wolf Managed Detection and Response, Arctic Wolf Managed Risk, Arctic Wolf Managed Security Awareness, Arctic Wolf Incident Response, and Arctic Wolf Concierge Security Team are either trademarks or registered trademarks of Arctic Wolf Networks, Inc. or Arctic Wolf Networks Canada, Inc. and any subsidiaries in Canada, the United States, and/or other countries.