Search This Blog

Ransomware Remains a Major Cyber Threat for Organizations Worldwide

Trellix released its quarterly report to highlight the key threats for businesses globally.


Trellix, the cybersecurity firm delivering the future of extended detection and response (XDR), has published 'The Threat Report: Fall 2022,' examining cybersecurity patterns and attack techniques from the first quarter of the year. 

The threat report includes evidence of malicious activity linked to ransomware and state-linked advanced persistent threat (APT) hackers. The researchers examined proprietary data from its sensor network, open-source intelligence, and investigations by the Trellix Advanced Research Center. Here are some of the report’s key findings: 

• Transportation was the second most active sector globally, following telecom. APTs were also detected in transportation more than in any other sector. 

• Ransomware attacks surged 32% in Germany in Q3 and contributed 27% of global activity. Germany also experienced the most threat detections related to malicious hackers in Q3, with 29% of observed activity. In the United States, ransomware activity increased 100 % quarter-over-quarter in the transportation and shipping industries for Q3 2022. 

• Mustang Panda, a China-linked APT group, had the most identified threat indicators in Q3, followed by Russian-associated APT29 and Pakistan-linked APT36. 

• Phobos, ransomware sold as a complete kit in the cybercriminal underground, accounted for 10% of global detected activity and was the second most used ransomware detected in the US. 

• The infamous LockBit remained the most propagated ransomware in the third quarter of 2022, generating over a fifth (22%) of detections 

• Years-old security loopholes continue to remain a perfect target spot for threat actors. Threat analysts detected Microsoft Equation Editor vulnerabilities CVE-2017-11882, CVE-2018-0798, and CVE-2018-0802 to be the most abused among malicious emails received by users during Q3. 

• Cobalt Strike, an authentic third-party tool, was employed in 33% of detected global ransomware activity and in 18% of APT detections in Q3. 

“So far in 2022, we have seen unremitting activity out of Russia and other state-sponsored groups. This activity is compounded by a rise in politically motivated hacktivism and sustained ransomware attacks on healthcare and education. The need for increased inspection of cyber threat actors and their methods has never been greater,” John Fokker, Trellix head of threat intelligence, stated. 

Earlier this year, Trellix announced its partner program to include multiple latest features along with 10 new technology associates and technology integrations with its flagship platform. The partner additions bring Trellix’s ecosystem to some 800 partners associated with its XDR platform.
Share it:


Cyber Security

cyber threat

data security


threat report