A new report released today by cybersecurity firm Critical Start Inc. has found that two-thirds of organizations have experienced a breach requiring attention within the last two years despite having traditional threat-based security measures in place.

The biannual Critical Start Cyber Threat Intelligence Report, which leverages research from the company’s Cyber Threat Intelligence team, highlights top cyber threats from the second half of 2023 and emerging cybersecurity trends affecting industries such as finance, education, manufacturing, and state and local governments.

Key findings in the report include that phishing attacks leveraging Quick Response codes are on the rise, with bad actors masquerading as Microsoft security notifications with a QR code embedded inside a PNG image or a PDF attachment.

The education sector was found to still be one of the most susceptible to cyberattacks, yet the researchers found that there was an increasing diversity in the type of threats targeting the sector. Vulnerability exploitation accounted for 29% of attacks, while phishing campaigns constituted 30% of cyber incidents in primary and secondary schools in 2023.

On the attack side, the report details how several well-known ransomware groups are now sharing tactics, techniques and procedures at a granular level. In doing so, the report suggests that threat actors are becoming much more reliant on affiliates than previously thought, highlighting the complex and ever-changing nature of the cybercrime economy.

An issue within Microsoft Teams that allows external accounts to send potentially harmful files directly to an organization’s staff is mentioned in the report. Being able to do so increases the risk of successful attacks by bypassing security measures and anti-phishing training.

Finally, the report also delves into the rise of Volt Typhoon, an allegedly Chinese state-sponsored threat actor that first emerged in May. The report notes that Volt Typhoon is likely to persist in carrying out cyber espionage campaigns to support an alleged Chinese government agenda against U.S. critical infrastructure.

“The volume and sophistication of cyberattacks are continuously growing and evolving, making it impossible for organizations to feel on top of internal vulnerabilities and remain cognizant of every external threat,” Callie Guenther, senior manager of Cyber Threat Research at Critical Start, said ahead of the report’s release. “In an effort to democratize cyber threat intelligence, this report highlights the most prominent security-related issues plaguing business and how they can proactively reduce cyber risk.”

Critical Start is a venture capital-backed startup, having last raised funding of $215 million in April 2022. Investors in the company include Vista Equity Partners LLC and Bregal Sagemount LP.

Image: Critical Start