Third-Party Risk Emerges as a Notable Threat Amid Continued Volatility
Our findings for Q2 2023 reflect continued instability in the threat landscape. The activity of the CLOP ransomware group and the increase in email compromise attacks add up to supply chain risk becoming a notable threat. Often less prioritized as a security issue by organizations, third-party risk is now presenting as a key area of concern due to shifting threat actor behaviors and priorities.
In Q1 2023, we highlighted the trend of reinvention among threat actors, and Q2 is no different. Attackers continue to successfully transform and adapt, with our findings highlighting the importance of leveraging continuously updated and reviewed security approaches. Just one example of this type of evolution in Q2 is the use of open redirect abuse in phishing attacks. It is important to note that these types of pivots aren’t only being made in relation to tactics and techniques. They are also being undertaken on an industry level, as seen in the impact of CLOP ransomware activity on regional banks, even though the financial services sector is not usually targeted by ransomware. That’s not to say that the use of established attack techniques has stalled; threat actors also continue to achieve their goals through the use of tried-and-tested approaches such as phishing. In response, organizations should ensure that they have a comprehensive cybersecurity strategy, whether that’s for the cloud or on-premises.
While some sectors were more targeted than others in Q2—notably health care, making it one of the top five targeted industries for the first time in two quarters—all sectors need to prepare to respond to entrenched and emerging security threats.
The key underlying security trend of this quarter also requires organizations to look closer to home in order to address their cyber risk. The rise in supply chain risk calls for businesses to confirm the strength and security of their relationships with their business partners and suppliers. Alongside this, they should ensure that they have robust and proactive support from a trusted security partner. Doing so will mean that they are better positioned to weather the variable conditions in the threat and economic landscape in the months ahead.