ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

AI and automation have helped organizations respond to security incidents up to 99% faster than last year, according to new study from ReliaQuest

By: via Business Wire

With social engineering still the biggest threat to organizations, AI is being leveraged on both sides to increase the threat and the speed of defense; Organizations fully leveraging AI and automation can respond to threats within 7 minutes or less

The majority of cyber-attacks against organizations are perpetrated via social engineering of employees, and criminals are using new methods including AI to supercharge their techniques. This is according to the ReliaQuest Annual Threat Report, which contains in-depth analysis of key security incidents and research from the past year, offering insights into the threats that organizations face.

Some 71% of all attacks trick employees via the use of phishing, and of particular concern is a sharp rise in QR code phishing, which increased 51% last year compared to the previous eight months. Employees are also being duped into downloading fake updates – often to their web browser. Drive-by compromise has been traditionally defined as the automatic download of a malicious file from a compromised website without user interaction. However, in most cases reviewed during the reporting period, user action was involved—facilitating initial access in nearly 30% of incidents.

The use of AI to accelerate these attacks is gaining significant attention among major cybercriminal forums with growing interest in weaponizing this technology. ReliaQuest has found dedicated AI and machine-learning sections of these sites, which detail criminal alternatives to mainstream chatbots, such as FraudGPT and WormGPT, and hint at the development of simple malware and distributed denial of service (DDoS) queries using these options. AI systems can now replicate a voice using a sample, and video-call deepfakes are aiding threat actors. Additionally, ReliaQuest has noted that a growing number of threat actors are automating various stages of their attacks, or the entire attack chain – particularly the Citrix Bleed exploitation.

However, while AI-powered automation is being leveraged by attackers, it has also delivered a step change in defensive capabilities among organizations. AI-enabled automated workflows have allowed ReliaQuest customers to respond to threats within minutes rather than days. For example, while ReliaQuest customers utilizing traditional approaches saw a Mean Time to Respond (MTTR) of an average of 2.3 days, organizations who opted to leverage some level of AI and automation saw a reduction to 58 minutes: a 99% decrease from 2022. Even more encouraging, customers who fully leveraged AI and automation are seeing reductions of MTTR down to 7 minutes or less.

Financial theft stood out as the primary objective of criminals in 2023, driving 88% of customer incidents. Extortion activity increased by 74%, with a record 4,819 compromised entities named on data-leak websites from ransomware groups, with LockBit alone accounting for 1,000-plus entities.

ReliaQuest noted a significant threat from suspected nation state actors using so-called ‘living off the land’ (LotL) techniques. In such incidents threat actors seek to hide their activity via defense-evasion techniques, such as log clearing and infiltrating PowerShell. In an intrusion ReliaQuest observed in April 2023, a Chinese state-sponsored threat group primarily focused on using LotL commands to blend into a company’s environment. The group’s discreet LotL activity allowed access for more than a month.

Michael McPherson, ReliaQuest’s Senior Vice President of Technical Operations said: “As the threat continues to evolve, defenders must stay agile, using AI and automation to keep pace with the latest attack techniques. Time is the enemy in cybersecurity. To proactively protect against these risks, companies should maximize visibility across their networks and beyond the endpoint, fully leverage AI and automation to better understand and use their own data, and equip their teams with the latest threat intelligence, as outlined in our recommendations. With this approach, in the next year we expect customers who fully leverage our AI and automation capabilities to contain threats within 5 minutes or less.”

The ReliaQuest Annual Threat Report contains detailed remediation advice, including specific sections on stopping Business Email Compromise (BEC) attempts, ransomware attacks, as well as social engineering and multifactor authentication (MFA) abuse. There are also sections on preventing malware-free activity, as well as staying on top of the latest tactics, techniques and procedures (TTPs).

Please see here for the full research report: https://www.reliaquest.com/resources/research-reports/annual-threat-report-2024

About ReliaQuest

ReliaQuest is the force multiplier of security operations. Our security operations platform, GreyMatter, automates detection, investigation and response across cloud, endpoint, and on-premise tools and applications. GreyMatter is cloud native, built on an open XDR architecture and delivered as a service any time of the day, anywhere in the world. With over 800 customers worldwide and 1,200+ teammates working across six global operating centers, ReliaQuest is driving outcomes for the most trusted enterprise brands in the world. We exist to make security possible. For more information visit www.reliaquest.com.

Contacts

Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.