Content, Content

9 of 10 Cyberattacks Start with a Phish, Comcast Study Shows

Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing

Comcast Business has released its inaugural Comcast Business Cybersecurity Threat Report, based on data from 23.5 billion cybersecurity attacks, spanning 500 threat types and 900 distinct infrastructure and software vulnerabilities in 2022.

Key Findings from the Report

The majority of breaches begin with the users of internal and external resources.

  • Roughly 67% of all breaches start with someone clicking on a seemingly safe link, which explains why adversaries begin 80-95% of all attacks with a phish.

Adversaries' use of reconnaissance tactics shows the importance of only accepting network connection requests from trusted sources.

  • The top reconnaissance tools employed by adversaries include vulnerability scanners, botnets and phishing.
  • Adversaries made 2.6 million attempts to modify or create new firewall rules to establish external communications for command-and-control operations and data exfiltration.

Remote desktop is an increasingly targeted vulnerability.

  • Customer logs documented over 54 million attempts to exploit credentials for initial access.
  • Bad actors capitalized on vulnerable Remote Desktop Protocol (RDP) configurations resulting in 185 million attempts to gain remote access.
  • Unauthenticated users also exploited vulnerabilities in Transmission Control Protocol (TCP) and made 139 million attempts to establish connections to victim servers.
  • Credential-stealing malware contributed to 159 million attempts by adversaries to steal and use credentials to infiltrate compromised networks.

Bad actors continue to exploit the Apache Log4j vulnerability.

  • The Apache Log4j vulnerability leaves 72% of organizations vulnerable to exploits.
  • Nearly 105 million Log4j exploit attempts in 2022.
  • By regularly updating systems and optimizing operating performance, businesses can fortify their endpoints against potential cyber-attacks and mitigate the risks associated with Log4j exploits.

Distributed Denial-of-Service (DDoS) attacks will continue to be a concern as the world becomes more interconnected.

  • 51,915 DDoS attacks: IT and technical service customers saw an increase in DDoS attempts, making up 25% of attempts.
  • 210 million instances of denial-of-service attacks recorded.
  • Education (46%), finance (14%) and healthcare (13%) are among the most targeted industry segments.

Final Thoughts

Shena Seneca Tharnish, Comcast Business vice president of Secure Networking and Cyber Security Solutions, commented on the study’s findings:

“No organization has perfect security, but everyone needs to understand their cybersecurity risks and build a plan to address the threats and trends the industry is experiencing.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.