New Cyber Threat Intelligence Report from Critical Start Highlights Prominent Threats and Emerging Cybersecurity Trends with Implications Spanning Multiple Industries  

Research uncovers exploitation of QR codes growing area of concern; education sector prime target for threat actors; ransomware groups collaborating more than previously thought.

PLANO, TX, October 11, 2023 – Today, Critical Start, a leading provider of Managed Detection and Response (MDR) cybersecurity solutions and pioneer of the industry’s first Managed Cyber Risk Reduction (MCRR) solutions, published its biannual Cyber Threat Intelligence Report, leveraging research from its Cyber Threat Intelligence (CTI) team to highlight top cyber threats from the second half of 2023 and emerging cybersecurity trends impacting critical industries such as finance, education, manufacturing and state and local government (SLED).

Hackers have access to advanced, automated technologies that are enabling an unprecedented number of cyberattacks causing detrimental impact to organizations. Sixty-seven percent of organizations experienced a breach requiring attention within the last two years, despite having traditional threat-based security measures in place. By analyzing sources such as customer data, open-source intelligence, vulnerability research, and social media and dark web monitoring, Critical Start’s CTI team reveals key cyber threats disrupting businesses and highlights ways organizations can strengthen their security posture and proactively mitigate potential risk.

Key report findings include:

  • Phishing attacks leveraging Quick Response (QR) codes are on the rise with bad actors masquerading as Microsoft security notifications with a QR code embedded inside a PNG image or a PDF attachment.
  • Education remains one of the most susceptible industries to cyber-attacks, yet there is more diversity in the types of threats. Vulnerability exploitation accounted for 29% of attacks, while phishing campaigns constituted 30% of cyber incidents on K-12 schools in 2023.
  • Several known ransomware groups are sharing tactics, techniques, and procedures at a granular level suggesting that threat actors are much more reliant on affiliates than previously thought and highlighting the complex and ever-changing nature of the cybercrime economy.
  • Microsoft Teams allows external accounts to send potentially harmful files directly to an organization’s staff, increasing the risk of successful attacks by bypassing security measures and anti-phishing training.
  • Volt Typhoon, a threat actor sponsored by the Chinese state, is likely to persist in carrying out cyber espionage campaigns to support the broader Chinese government agenda against U.S. critical infrastructure.

“The volume and sophistication of cyberattacks is continuously growing and evolving making it impossible for organizations to feel on-top of internal vulnerabilities and remain cognizant of every external threat,” said Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start. “In an effort to democratize cyber threat intelligence, this report highlights the most prominent security-related issues plaguing business and how they can proactively reduce cyber risk.”

Critical Start’s H2 2023 Threat Intelligence Report can be found here.

As a part of the Critical Start Cyber Research Unit (CRU), Critical Start CTI continuously monitors emerging threat developments and vulnerabilities while collaborating with the Security Engineering and SOC teams to implement new detections that reduce the risk of a breach by expanding MITRE ATT&CK threat coverage for its customers. For future updates on emerging threats, follow the Critical Start Intelligence Hub.

About Critical Start

Organizations today face the challenge of aligning their cyber protection measures with their risk appetite. CRITICALSTART®, a pioneer of the industry’s first Managed Cyber Risk Reduction solutions, provides holistic cyber risk monitoring via its Cyber Operations Risk & Response™ platform, paired with a human-led risk and security operations team, combined with over 8 years of award-winning Managed Detection and Response (MDR) services. By continuously monitoring and mitigating cyber risks, Critical Start enables businesses to proactively protect their critical assets with a measurable ROI. The company’s platform provides maturity assessments, peer benchmarking, posture and event analytics, and response capabilities. Its risk and security operations team evaluates and actions threats, risks, vulnerabilities, and performs comprehensive threat intelligence research. Critical Start enables organizations to achieve the highest level of cyber risk reduction for every dollar invested, allowing them to confidently reach their desired levels of risk tolerance.

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.
Tactics to Mitigate Security Gaps in Modern Threat Response. Upcoming Webinar - October 15.
This is default text for notification bar