Mandiant disclosed that the number of cyber threat groups it is monitoring has increased to 3,500 in 2022, an increase of 900 from the previous year, with 265 discovered for the first time during the company’s investigations.
These organizations were discovered to be financially driven, government-sponsored, and 335 uncategorized organizations. According to Mandiant’s analysis on the global cybersecurity environment, M-Trends 2023, over half of the groups analyzed by the firm sought financial advantage.
The research also discovered a rise in new malware families, but a decrease in ransomware assaults. In 2022, ransomware was engaged in 18% of Mandiant’s global investigations, down from 23% in 2021. The research links this decline to government and law enforcement interruptions in ransomware assaults, which drove perpetrators to retool or form new alliances.
For the third year in a row, vulnerabilities such as SQL injection and cross-site scripting were the most popular attack vectors, according to the research. Furthermore, there has been an upsurge in credential theft and purchasing, highlighting the need for improved digital hygiene. Mandiant advises businesses to have a solid security strategy in place to battle these emerging cyber threats.
The sources for this piece include an article in TechRepublic.