The uptrend in usage of subscription-based services like Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) has made it easier for inexperienced cybercriminals to execute increasingly sophisticated attacks, according to a Darktrace study.
Cybersecurity AI solutions provider Darktrace recently published its ‘First 6: Half-Year Threat Report 2024’ to shed light on the latest attack trends and growing threats observed by its own threat research team for the first half of 2024.
The report suggests that cybercrime-as-a-service has only continued to grow, dominated by groups like Lockbit and Black Basta who provide tools that lower the entry barrier for cybercriminals.
MaaS specifically, is expected to continue posing significant risks to organizations because of its adaptive nature, changing tactics and evading traditional security measures constantly, which necessitates AI-driven security solutions backed by real-time anomaly detection.
Based on the report, between January to June 2024, the most common threats include information-stealing malware (29%), Trojans (15%), Remote Access Trojans (RATs) (12%), botnets (6%), and loaders (6%).
When it comes to ransomware attacks, double extortion methods have also been prevalently used by major cybercrime groups.
Nathaniel Jones, Director of Strategic Threat and Engagement at Darktrace, emphasized the critical need for adaptive, machine learning-powered security measures to counter the evolving threat landscape.
Phishing remains a critical concern, with researchers detecting 17.8 million phishing emails between December 21, 2023, and July 5, 2024, and cybercriminals are increasingly utilizing legitimate third-party services to blend in with normal network traffic, complicating detection efforts.
