Overview
The report provides insights into the evolving cyber threat landscape, highlighting key developments in cybercrime, nation-state threats, critical challenges, and security innovations.
Key Developments
Cybercriminals are using the cybercrime-as-a-service model to launch attacks such as phishing, ransomware, and business email compromise at scale. They are bypassing security measures with greater sophistication.
Nation-states focused more on cyber espionage than on destructive attacks. Chinese and Iranian groups enhanced their capabilities, while North Korea conducted its first observed supply chain attack.
Attacks on IT/OT intersections increased, with 25% of OT devices using unsupported systems. 15 new vulnerabilities were found in CODESYS software used across critical infrastructure.
AI and machine learning provide new opportunities to automate security and augment human capabilities, but also introduce new potential risks that must be addressed.
Key stats
Human-operated ransomware attacks increased over 200% since September 2022.
70% of ransomware victims had fewer than 500 employees.
Potential data exfiltration doubled since November 2022.
Business email compromise (BEC) attempts reached 156,000 per day.
Password spray attacks grew from 3 billion to over 30 billion monthly.
AI can help automate threat intel, response, monitoring, testing, education, and governance.
Key takeaways
Adopt cyber hygiene basics: MFA, patching, least privilege access, backups.
Prioritize identity protection and implement phishing-resistant authentication.
Increase focus on supply chain risks and security of unmanaged devices.
Leverage AI safely and responsibly to enhance security.
Collaborate across sectors to share intelligence, take legal/technical action, and boost collective resilience.
Summary
The report highlights the increasing scale and sophistication of cyber threats, while emphasizing opportunities to innovate, strengthen defenses, and work together to create a safer online ecosystem. Adopting both technological and policy solutions will be key.