Barracuda Reports A Surge in High-Severity Threats That Peaks During Holiday
High severity threats are increasing and peak during the holidays according to a new Threat Spotlight from Barracuda, a trusted partner and leading provider of cloud-first security solutions.
Analysing the most prevalent Barracuda XDR detections in 2023, the new report reveals a steady rise in high-severity attack attempts during the year, with significant spikes in such threats in November and a lower peak in June – prime times for holidays and online shopping.
1
The findings underscore both the growing severity of cyber threats targeting organisations and the adversarial behaviour that Barracuda first reported in 2022, highlighting how attackers take advantage of times when people are away, busy, or distracted to launch more damaging and high-risk attacks.
Top of the list when it comes to attack detections are activities related to identity compromise, which enable attackers to breach an account and gain access to the corporate network, data, and more.
2
The detections that signpost identity abuse include suspicious logins, brute force attacks, and attackers disabling multifactor authentication. Suspicious login activity is spotted by Barracuda XDR’s features and AI-powered detection rules that identify pattern anomalies.
“Cybersecurity involves understanding attackers’ behaviour as well as their tools and tactics. Our data for 2023 shows that attackers are launching more high-severity attacks overall, and especially during times when IT teams are away from the workplace or less attentive, such as during holidays, outside working hours, during the night, and at weekends,” said Merium Khalid, Director, SOC Offensive Security, Barracuda XDR.
“Most attacks are trying to gain access to accounts by compromising identities. As attackers start to leverage AI tools to scale the volume, speed, and sophistication of attacks, these trends will escalate. Security teams need to ensure their security tools have the same power.”
3
Barracuda recommends that companies implement robust authentication and access controls (multifactor authentication at a minimum and ideally moving to Zero Trust-based measures), alongside a solid approach to patch management and data protection, with regular cybersecurity awareness training for employees.
This should ideally sit within an overall security framework of next-generation security technologies, backed by expert analysis and 24/7/365 SOC security monitoring to catch unknowns and anomalies that might otherwise slip through the net.