Share this article on:
Palo Alto Networks’ Unit 42 has released concerning statistics that point to a sharp increase in exposures in the insurance, pharmaceuticals, and manufacturing sectors.
A new report from Palo Alto Networks’ Unit 42 has revealed a growing AI threat, as cyber criminals are increasingly taking advantage of the technology to drive their attacks.
The 2024 Unit 42 Attack Surface Threat Report, released today (15 August), took advantage of “several petabytes of data collected throughout 2023” to build a picture of the modern attack surface and the changing nature of the threats facing many businesses.
Unit 42 called the pace of evolution “relentless,” particularly in terms of AI-powered abilities.
“Attackers are moving faster and more aggressively, leveraging AI to exploit even the smallest gaps in an organisation’s defence. Our report makes it clear that central oversight is essential to address today’s increasingly complex exposure landscape, which is why organisations and governments are turning to Attack Surface Management practices to meet this need,” Steve Manley, regional vice president for Australia and New Zealand at Palo Alto Networks, said in a statement.
“We saw the importance of this recently, with the Australian government’s directives for all government agencies to adopt ASM policies, to gain complete visibility into their attack surface and reduce security risks. By maintaining continuous visibility into their internet-facing infrastructure, organisations can take a proactive approach to effectively manage and secure their attack surface.”
The report found that, on average, companies are expanding their attack services with more than 300 services per month, which, in turn, counts for almost 32 per cent of serious cloud incidents and exposures.
That number may seem high, but it’s not the highest; the media and entertainment industry introduces, on average, more than 7,000 new services each month, while the telecommunications, insurance, pharma, and life sciences are adding more than 1,000 every month on average.
The financial services, healthcare, and manufacturing sectors add over 200 new services monthly.
The expansion of the attack surface is also aiding in threat actor lateral movement and exposing more data for exfiltration. Seventy-three per cent of exposures occur within IT and networking infrastructure, business operations applications, and remote access services.
Twenty-five per cent of those exposures occur within IT and networking infrastructure, while 23 per cent occur within remote access services and business applications.
You can read the full report here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.