Cybercriminals adapting scam, theft methods: Arctic Wolf

Cybercriminals are adapting their methods to defeat stronger security defenses while prioritizing data theft and refining business email compromise scams, according to a report Wednesday from cybersecurity company Arctic Wolf Networks Inc.

Virtually all, or some 96% of ransomware cases analyzed, included data theft, and three types of cybersecurity incidents — ransomware (44%), business email compromise (27%), and intrusions (24%) — account for 95% of all incident response cases.

Median ransom demands remain high at $600,000, “demonstrating that ransomware remains a lucrative business for cybercriminals despite increased law enforcement action,” according to the report.

The finance and insurance sectors were particularly hard hit by business email compromise, which accounted for 53% of incident response cases — making it the only area where BEC outpaced ransomware.

The finance and insurance industry accounted for 26.5% of business email compromise incident response cases, roughly double the 13.3% of second-place industry legal and government, report data showed.

“We see evidence that threat actors are adapting to target stronger cybersecurity postures by looking for novel methods of attack or embracing low-tech — but effective — means of bypassing high-tech safeguard,” the report said.