Human risk management platform Mimecast has published its Global Threat Intelligence Report 2024 H1, revealing malicious links and AI-driven bots in call centres to be among the greatest threats to cybersecurity defences, with small businesses bearing the brunt of attacks.
The report analyses the threat landscape during the first six months of 2024 and offers actionable steps for organisations of all sizes to improve cyber defences. Key findings from the report include:
Threat actors link up
Messaging attacks continue to evolve, with hackers moving away from pushing malware to using malicious links as the preferred method of delivering payloads to victims’ systems. Mimecast’s analysis found malicious links surged by 133% in the first quarter of 2024 and 53% in the second quarter globally, compared to the same period in 2023.
Across Asia-Pacific, this is a similar trend, with more malicious links reported in the first quarter of 2024 compared to the previous year. Attacks increasingly employ multiple layers of false information, requiring more interaction from victims, who are forced to click through links, respond to CAPTCHAs, and engage with false multi-factor authentication requests.
Additional obfuscation layers allow these types of attacks to fly under the radar, gaining entry where malware would be denied. During the year’s first half, a campaign targeting Australian law firms used confusing URLs in email messages to send users to an intermediate page on one of several collaboration platforms. Clicking on the link redirects victims to a fake Microsoft login page to access credentials.
Travel, hospitality and catering industries most targeted
Malicious links remain the most prominent attacks blocked by Mimecast in the Asia Pacific region, with travel, hospitality and catering being the most targeted industries in 2024. These industries saw a large increase of more than twice the recorded threats per user in the first quarter of 2024 compared to Q1 2023.
Small businesses remain the prime target for cyber threats
As observed in the 2023 fourth-quarter report, small businesses experience the highest volume of cyber threats. Mimecast saw a spike of over 80 threats per user in the first quarter of 2024 for small and medium-sized enterprises in the Asia Pacific region. Employees at both small and medium businesses continue to see more than twice the number of threats compared to users at large enterprises.
“Email and collaboration tools are often seen merely as cost centres, but this overlooks their essential role in cybersecurity,” says Mimecast’s Asia Pacific Regional Vice President Stanley Hsu. “By optimising email security, organisations can achieve significant cost efficiencies while ensuring robust protection against emerging threats. This approach is crucial not only for minimising cyber risks but also for maintaining the productivity and safety of your organisation.”
You can read the full report here.