Overview
The report provides insights into the evolving cyber threat landscape, highlighting key developments in cybercrime, nation-state threats, critical challenges, and security innovations.
Key Developments
- Cybercriminals are using the cybercrime-as-a-service model to launch attacks like phishing, ransomware, and business email compromise at scale. They are bypassing security measures with greater sophistication.
- Nation-states focused more on cyber espionage than on destructive attacks. Chinese and Iranian groups enhanced capabilities, while North Korea conducted its first observed supply chain attack.
- Attacks on IT/OT intersections increased, with 25% of OT devices using unsupported systems. 15 new vulnerabilities were found in CODESYS software used across critical infrastructure.
- AI and machine learning provide new opportunities to automate security and augment human capabilities, but also introduce new potential risks that must be addressed.
Key stats
- Human-operated ransomware attacks increased over 200% since September 2022.
- 70% of ransomware victims had fewer than 500 employees.
- Potential exfiltration doubled since November 2022.
- Business email compromise attempts reached 156,000 per day.
- Password spray attacks grew from 3 billion to over 30 billion monthly.
- AI can help automate threat intel, response, monitoring, testing, education, and governance.
Key takeaways
- Adopt cyber hygiene basics: MFA, patching, least privilege access, backups.
- Prioritize identity protection and implement phishing-resistant authentication.
- Increase focus on supply chain risks and security of unmanaged devices.
- Leverage AI safely and responsibly to enhance security.
- Collaborate across sectors to share intelligence, take legal/technical action, and boost collective resilience.
Summary
The report highlights the increasing scale and sophistication of cyber threats, while emphasizing opportunities to innovate, strengthen defenses, and work together to create a safer online ecosystem. Adopting both technological and policy solutions will be key.