Comcast Business Report Finds Global Cybersecurity Community at a Crossroads as Technology Advancements Accelerate
July 31 2023 - 10:00AM
Business Wire
Cybersecurity Threat Report dissects 23.5
billion attempted cybersecurity attacks against Comcast Business
customers – phishing and malware dominate threat landscape
Comcast Business today announced the release of its inaugural
Comcast Business Cybersecurity Threat Report, presenting essential
insights into the global cybersecurity landscape and effective
strategies for technology and security leaders to safeguard their
organizations against evolving cyber threats.
“Technology is accelerating at a breakneck pace – bringing
sophisticated new tools to both attackers and defenders. And
although attacker tools are evolving, social engineering continues
to be the leading tactic used to breach corporate networks,” said
Noopur Davis, Executive Vice President, Chief Information Security
and Product Privacy Officer, Comcast Corporation and Comcast Cable.
“CISOs and CIOs have to adjust to the evolving threat landscape to
protect their organizations and customers.”
The report leverages data from 23.5 billion cybersecurity
attacks, spanning 500 threat types and 900 distinct infrastructure
and software vulnerabilities, that Comcast Business helped
customers navigate in 2022 and sheds light on the new threat matrix
and strategies adversaries employ to access enterprise networks.
Key themes from this year’s report include:
- The majority of breaches now originate with the users of
internal and external resources. Cyber-attacks used to begin
with an exploit of a vulnerability in public-facing network
resources that connect to applications and infrastructure within
the network perimeter. Research has shown that today, approximately
67% of all breaches start with someone clicking on a seemingly safe
link, which explains why adversaries begin 80-95% of all attacks
with a phish.
- Adversaries' use of reconnaissance tactics underscores the
importance of only accepting network connection requests from
trusted sources. Attackers do their homework to uncover
vulnerabilities, like open ports and misconfigured systems, as
evidenced by the 242 million reconnaissance scans of customer
networks and assets. The top reconnaissance tools employed by
adversaries include vulnerability scanners, botnets and phishing.
Once inside a network, adversaries made 2.6 million attempts to
modify or create new firewall rules to establish external
communications for command-and-control operations and data
exfiltration.
- Remote desktop has become an increasingly targeted
vulnerability. Adversaries used various methods, including
remote desktop, theft and brute force attacks to steal credentials
and gain unauthorized access to customer networks. Customer logs
documented over 54 million attempts to exploit credentials for
initial access. Additionally, bad actors capitalized on vulnerable
Remote Desktop Protocol (RDP) configurations, resulting in over 185
million attempts to gain remote access. Unauthenticated users also
exploited vulnerabilities in Transmission Control Protocol (TCP)
and made 139 million attempts to establish connections to victim
servers. Furthermore, credential-stealing malware contributed to
159 million attempts by adversaries to steal and use credentials to
infiltrate compromised networks.
- Adversaries continue to exploit the Apache Log4j
vulnerability. The Apache Log4j vulnerability remains a
significant threat due to the widespread deployment of millions of
Java applications, leaving a staggering 72% of organizations
vulnerable to exploits. Comcast Business prevented nearly 105
million Log4j exploit attempts in 2022. By regularly updating
systems and optimizing operating performance, businesses can
fortify their endpoints against potential cyber-attacks and
mitigate the risks associated with Log4j exploits.
- Distributed Denial-of-Service (DDoS) attacks will continue
to be a concern as the world becomes more interconnected.
Comcast Business detected 51,915 DDoS attacks in 2022. IT and
technical service customers saw an increase in DDos attempts,
making up 25% of attempts, joining education (46%), finance (14%)
and healthcare (13%) as the most targeted industry segments. These
attacks aimed to disrupt critical database servers and network
resources, with over 210 million instances of denial-of-service
attacks recorded.
“No organization has perfect security, but everyone needs to
understand their cybersecurity risks and build a plan to address
the threats and trends the industry is experiencing,” said Shena
Seneca Tharnish, Vice President, Secure Networking and Cyber
Security Solutions. “Technology teams today are best served through
a comprehensive suite of powerful security solutions orchestrated
to provide multiple layers of security.”
Download the 2023 Comcast Business Cybersecurity Threat Report
here. To learn more about how Comcast Business can help safeguard
your organization from an evolving set of cybersecurity threats,
please visit our website.
About Comcast Business
Comcast Business offers a broad suite of technology solutions to
keep businesses of all sizes ready for what’s next. With a range of
offerings including connectivity, secure networking, advanced
cybersecurity, and unified communications solutions, Comcast
Business is partnering with business and technology leaders across
industries and integrating Masergy, a leader in software defined
networking, to help drive businesses forward. Backed by a
next-generation network, Comcast Business has been recognized for
its growth, innovation, and leadership in global secure
networking.
For more information, call 800-501-6000. Follow on Twitter
@ComcastBusiness and on other social media networks at
http://business.comcast.com/social.
About Comcast
Corporation
Comcast Corporation (Nasdaq: CMCSA) is a global media and
technology company. From the connectivity and platforms we provide,
to the content and experiences we create, our businesses reach
hundreds of millions of customers, viewers, and guests worldwide.
We deliver world-class broadband, wireless, and video through
Xfinity, Comcast Business, and Sky; produce, distribute, and stream
leading entertainment, sports, and news through brands including
NBC, Telemundo, Universal, Peacock, and Sky; and bring incredible
theme parks and attractions to life through Universal Destinations
& Experiences.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20230731665124/en/
Matt Helmke, Corporate Communications Comcast Corporation
215.286.8666 matt_helmke@comcast.com
Comcast (NASDAQ:CMCSA)
Historical Stock Chart
From May 2024 to Jun 2024
Comcast (NASDAQ:CMCSA)
Historical Stock Chart
From Jun 2023 to Jun 2024