Carding Forum
Professional
The Positive Technologies report reveals trends in cyber attacks in 2024.
In 2024, cybercriminals became significantly less interested in personal data, focusing on the theft of corporate credentials and trade secrets. This trend was revealed by Positive Technologies experts in the first study devoted to the analysis of data leaks in Russia and the world. The report examined about 1,000 ads on shadow market forums and over 700 reports of publicly disclosed incidents in the first half of 2024.
The share of credential leaks from organizations reached 21%, which is 9 percentage points higher than last year. Theft of trade secrets also increased to 24%, 10 percentage points higher than in the first half of 2023. At the same time, personal data leaks returned to 2022 levels, rising 37% in the first quarter and falling to 25% in the second quarter of 2024.
The largest leaks of trade secrets were recorded in the industrial sector (39%), government agencies (36%) and transport companies (29%). Among the victims – Hyundai Motor Europe and Volkswagen, which were stolen documents on the technology of electric vehicles. Hacks also affected IT companies such as Apple and AMD, whose source code was allegedly accessed by hackers for further attacks.
Compromised credentials often serve as an intermediate step for further actions, such as stealing money or disrupting systems. In every third successful attack, cryptographers were used.
The sale of credentials on the darknet is gaining momentum: accesses are sold to several dozen or hundreds of companies at once. In April, an announcement was made about the sale of access to the infrastructure of 16 companies for $250 - $5000. In June, more than 400 organizations offered data, including access via Jira, GitHub, and GitLab.
The number of ads for free distribution of information is 2 times higher than the number of ads for sale (64% vs. 33%). This is because not all attackers are motivated by money; ransom is often demanded for non-disclosure of stolen data, and not all victims are willing to pay. In more than half of the ads, the price of stolen data does not exceed $1,000. Every tenth ad is associated with the most expensive offers (starting from $10,000), and the most expensive (over $50,000) were related to large financial organizations and IT companies.
In the second quarter of 2024, the company Cylance was attacked, as a result of which 34 million emails and personal data of customers and employees were leaked, offered for sale for $750,000.
Positive Technologies experts note that every second successful attack in the first half of 2024 resulted in a leak of confidential data. The largest number of incidents occurred in government agencies (13%), IT companies (12%) and industrial organizations (11%).
According to the report, in the first half of 2024, Russia ranked first among the countries in the world in terms of the number of ads for the sale of company databases on darknet forums with a share of ads of about 10%. The top five also included the United States, India , China and Indonesia. Merged databases often contain personal data from accounts, as well as trade secrets.
To prevent information leaks, we need a comprehensive approach that includes protecting users devices, the corporate network, the internal perimeter of companies, and the data itself. Companies data infrastructures are becoming increasingly complex, and their effective protection requires a single solution that can protect information assets regardless of their structure and storage location.
Source
In 2024, cybercriminals became significantly less interested in personal data, focusing on the theft of corporate credentials and trade secrets. This trend was revealed by Positive Technologies experts in the first study devoted to the analysis of data leaks in Russia and the world. The report examined about 1,000 ads on shadow market forums and over 700 reports of publicly disclosed incidents in the first half of 2024.
The share of credential leaks from organizations reached 21%, which is 9 percentage points higher than last year. Theft of trade secrets also increased to 24%, 10 percentage points higher than in the first half of 2023. At the same time, personal data leaks returned to 2022 levels, rising 37% in the first quarter and falling to 25% in the second quarter of 2024.
The largest leaks of trade secrets were recorded in the industrial sector (39%), government agencies (36%) and transport companies (29%). Among the victims – Hyundai Motor Europe and Volkswagen, which were stolen documents on the technology of electric vehicles. Hacks also affected IT companies such as Apple and AMD, whose source code was allegedly accessed by hackers for further attacks.
Compromised credentials often serve as an intermediate step for further actions, such as stealing money or disrupting systems. In every third successful attack, cryptographers were used.
The sale of credentials on the darknet is gaining momentum: accesses are sold to several dozen or hundreds of companies at once. In April, an announcement was made about the sale of access to the infrastructure of 16 companies for $250 - $5000. In June, more than 400 organizations offered data, including access via Jira, GitHub, and GitLab.
The number of ads for free distribution of information is 2 times higher than the number of ads for sale (64% vs. 33%). This is because not all attackers are motivated by money; ransom is often demanded for non-disclosure of stolen data, and not all victims are willing to pay. In more than half of the ads, the price of stolen data does not exceed $1,000. Every tenth ad is associated with the most expensive offers (starting from $10,000), and the most expensive (over $50,000) were related to large financial organizations and IT companies.
In the second quarter of 2024, the company Cylance was attacked, as a result of which 34 million emails and personal data of customers and employees were leaked, offered for sale for $750,000.
Positive Technologies experts note that every second successful attack in the first half of 2024 resulted in a leak of confidential data. The largest number of incidents occurred in government agencies (13%), IT companies (12%) and industrial organizations (11%).
According to the report, in the first half of 2024, Russia ranked first among the countries in the world in terms of the number of ads for the sale of company databases on darknet forums with a share of ads of about 10%. The top five also included the United States, India , China and Indonesia. Merged databases often contain personal data from accounts, as well as trade secrets.
To prevent information leaks, we need a comprehensive approach that includes protecting users devices, the corporate network, the internal perimeter of companies, and the data itself. Companies data infrastructures are becoming increasingly complex, and their effective protection requires a single solution that can protect information assets regardless of their structure and storage location.
Source
