Comcast report sees global cybersecurity “at a crossroads”

Comcast’s Cybersecurity Threat Report reveals that phishing and malware continue to dominate the cyber threat landscape.

The report considers data from 23.5 billion attempted cybersecurity attacks that Comcast helped its customers combat in 2022. These attacks range from 500 different threat types and 900 distinct infrastructure and software vulnerabilities.

In the first half of 2023 alone, the number of email-based phishing attacks surged 464% in comparison to 2022. Ransomware attacks in particular exploded in 2023, with an increase of 60% reported earlier in 2023. With this in mind, Comcast’s report highlights that cybersecurity continues to combat significant risks to businesses of all sizes.

Key industries continue to be targeted

Comcast found in its report that the majority of cybersecurity breaches now originate with the users of internal and external resources. Research has found that approximately 67% of all breaches start with someone clicking on a seemingly safe link which Comcast says explains why adversaries begin 80-95% of all attacks with a phish.

Cyberattacks used to begin with an exploit of a vulnerability in a public-facing network resources that connect to applications and infrastructure within the network, according to Comcast. 

This report attests to these types of hacks or data breaches continuing to increase throughout 2023, stressing the urgency for businesses to make cybersecurity systems a priority.

In addition, Comcast confirmed that the top reconnaissance tools used by hackers include vulnerability scanners, botnets and phishing. These bad actors made 2.6 million attempts to modify or create new firewall rules to establish external communications. 

The report highlights to businesses the importance of only accepting network connection requests made from trusted sources.

Distributed Denial-of-Service (DDoS) attacks also continue to be a concern, according to Comcast. The company detected 51,915 DDoS attacks in 2022 alone, with IT service customers seeing an increase in DDoS attacks. Making up 25% of hack attempts, education (46%), finance (14%) and healthcare (13%) were confirmed to be the most targeted industry sectors.

A 2023 example of a cybersecurity attack denying essential services is the recent hack on Kenya’s eCitizen platform used by the public to access over 5,000 government services. The Kenyan government has since assured the public that it took immediate measures to address the security breach and strengthen defences against future cyber threats.

These types of attacks aim to disrupt critical database servers and network resources. Comcast has recorded in its report more than 210 million instances of DDoS.

Remote working: Be aware of the cyber risk

The Comcast report has also highlighted how remote desktops have become increasingly targeted within businesses, including theft and brute force attacks to steal sensitive data and gain unauthorised access.

Comcast customer logs documented more than 54 million attempts to exploit credentials for access. Bad actors capitalised on vulnerable Remote Desktop Protocol (RDP) configurations and, according to Comcast, made more than 185 million attempts to gain remote access.

In addition, the report found 139 million attempts to establish connections to victim servers and 159 million attempts to steal and use credentials to infiltrate compromised networks.

Although hybrid working offers many benefits, such as increased flexibility and reduced overhead costs, it is clear that it also presents unique cybersecurity challenges that companies would do well to address. With employees accessing sensitive data from multiple locations and devices, the risk of cyberattacks and data breaches is higher than ever before.

“Technology is accelerating at a breakneck pace – bringing sophisticated new tools to both attackers and defenders. And although attacker tools are evolving, social engineering continues to be the leading tactic used to breach corporate networks,” said Noopur Davis, Executive VP, Chief Information Security and Product Privacy Officer at Comcast Corporation and Comcast Cable. 

“CISOs and CIOs have to adjust to the evolving threat landscape to protect their organisations and customers.”

******

For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.