Overview
The report provides insights into the evolving cyber threat landscape, highlighting key developments in cybercrime, nation-state threats, critical challenges, and security innovations.
Key Developments
- Cybercriminals are using the cybercrime-as-a-service model to launch attacks like phishing, ransomware, and business email compromise at scale. They are bypassing security measures with greater sophistication.
- Nation-states focused more on cyber espionage than on destructive attacks. Chinese and Iranian groups enhanced their capabilities, while North Korea conducted its first observed supply chain attack.
- Attacks on IT/OT intersections increased, with 25% of OT devices using unsupported systems. 15 new vulnerabilities were found in CODESYS software used across critical infrastructure.
- AI and machine learning provide new opportunities to automate security and augment human capabilities, but also introduce new potential risks that must be addressed.
Key stats
- Human-operated ransomware attacks increased over 200% since September 2022.
- 70% of ransomware victims had fewer than 500 employees.
- Potential data exfiltration doubled since November 2022.
- Business email compromise attempts reached 156,000 per day.
- Password spray attacks grew from 3 billion to over 30 billion monthly.
- AI can help automate threat intel, response, monitoring, testing, education, and governance.
Key takeaways
- Adopt cyber hygiene basics: MFA, patching, least privilege access, backups.
- Prioritize identity protection and implement phishing-resistant authentication.
- Increase focus on supply chain risks and security of unmanaged devices.
- Leverage AI safely and responsibly to enhance security.
- Collaborate across sectors to share intelligence, take legal/technical action, and boost collective resilience.
Summary
The report highlights the increasing scale and sophistication of cyber threats, while emphasizing opportunities to innovate, strengthen defenses, and work together to create a safer online ecosystem. Adopting both technological and policy solutions will be key.