Sophos, a leading provider of cybersecurity solutions, has released its latest Active Adversary Report titled “It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024.” This report analyzes over 150 incident response cases handled by the Sophos X-Ops IR team in 2023, revealing significant trends in cyberattacks.
The report finds that attackers abused Remote Desktop Protocol (RDP) in 90% of the incidents investigated, the highest rate recorded since the Active Adversary reports began in 2020. The most common initial access vector, seen in 65% of cases, was an externally facing remote service such as RDP. External remote services have topped the initial-access list in every edition of the report, which is why the report treats exposure management for these services as a first-order control for reducing enterprise risk.
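One practical way to act on this finding is to watch the hosts that still accept RDP for successful logons whose source address is not one of the organisation's own ranges. The script below is an added example written for this page, not Sophos code and not part of the report: it takes records shaped like the fields of Windows Security event 4624 (EventID, LogonType, TargetUserName, TargetDomainName, IpAddress), flags RDP session logons (logon type 10) from external sources, and groups the hits by source IP. The internal address ranges and the sample event records are constructed assumptions; the 203.0.113.0/24 and 198.51.100.0/24 addresses are documentation ranges standing in for public IPs.

```python
"""Flag successful RDP logons whose source lies outside the organisation's own ranges.

Added example for this page (not Sophos code). Event records and address ranges
below are constructed; adapt INTERNAL_NETWORKS to the real address plan.
"""
import ipaddress
from collections import defaultdict

# Assumption: these are the organisation's internal ranges. Anything not listed
# here is treated as external.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
    "::1/128", "fe80::/10", "fc00::/7",                # IPv6 equivalents
)]

RDP_LOGON_TYPE = 10      # RemoteInteractive: an interactive RDP session
NETWORK_LOGON_TYPE = 3   # With NLA the credential check first appears as a type 3
                         # logon from the client IP, before the type 10 session logon

# Constructed sample records in the shape of event 4624/4625 fields (not real log data).
SAMPLE_EVENTS = [
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "admin",
     "TargetDomainName": "CORP", "IpAddress": "203.0.113.5"},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "jdoe",
     "TargetDomainName": "CORP", "IpAddress": "10.0.4.22"},
    {"EventID": 4624, "LogonType": 3, "TargetUserName": "admin",
     "TargetDomainName": "CORP", "IpAddress": "203.0.113.5"},
    {"EventID": 4625, "LogonType": 10, "TargetUserName": "admin",       # failed logon
     "TargetDomainName": "CORP", "IpAddress": "198.51.100.7"},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "svc_backup",
     "TargetDomainName": "CORP", "IpAddress": "198.51.100.7"},
    {"EventID": 4624, "LogonType": 10, "TargetUserName": "jdoe",        # no source address
     "TargetDomainName": "CORP", "IpAddress": "-"},
]


def classify_source(ip_str):
    """Return 'internal', 'external' or 'unknown' for an IpAddress field value."""
    if not ip_str or ip_str == "-":
        return "unknown"   # console and some service logons carry no address
    try:
        addr = ipaddress.ip_address(ip_str)
    except ValueError:
        return "unknown"
    # Membership across IP versions is simply False, so mixing v4/v6 ranges is safe.
    return "internal" if any(addr in net for net in INTERNAL_NETWORKS) else "external"


def flag_external_rdp_logons(events, include_network_logons=False):
    """Return (account, source_ip, logon_type) for successful logons from external sources.

    include_network_logons=True also counts type 3 logons, which is how the NLA
    credential exchange of an RDP connection shows up on the target host.
    """
    wanted_types = {RDP_LOGON_TYPE}
    if include_network_logons:
        wanted_types.add(NETWORK_LOGON_TYPE)
    findings = []
    for ev in events:
        if ev.get("EventID") != 4624 or ev.get("LogonType") not in wanted_types:
            continue
        ip = ev.get("IpAddress")
        if classify_source(ip) != "external":
            continue
        account = f"{ev.get('TargetDomainName', '')}\\{ev.get('TargetUserName', '')}"
        findings.append((account, ip, ev["LogonType"]))
    return findings


def summarize_by_source(findings):
    """Group flagged accounts by source IP; one address reaching several accounts stands out."""
    by_ip = defaultdict(set)
    for account, ip, _ in findings:
        by_ip[ip].add(account)
    return dict(by_ip)


if __name__ == "__main__":
    hits = flag_external_rdp_logons(SAMPLE_EVENTS)
    for account, ip, logon_type in hits:
        print(f"external RDP logon: {account} from {ip} (logon type {logon_type})")
    for ip, accounts in summarize_by_source(hits).items():
        print(f"{ip}: {len(accounts)} account(s) -> {sorted(accounts)}")
```

Two caveats when running this against real exports: a hit only proves that an externally sourced RDP session succeeded, not that it was malicious, so the output is a review list rather than an alert; and a host whose RDP listener sits behind a VPN or gateway will report the gateway's internal address, so this check complements, rather than replaces, an inventory of what is actually reachable from the internet.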
John Shier, field CTO at Sophos, emphasized the inherent risks associated with external remote services, cautioning that exposing these services without adequate risk mitigation measures often leads to compromise. He cited a case where attackers repeatedly exploited exposed RDP ports to infiltrate a victim’s network, underscoring the urgency for organizations to strengthen their security postures.
Compromised credentials and exploited vulnerabilities remain the two leading root causes, but in 2023 compromised credentials overtook vulnerabilities as the most frequent one, continuing a shift first noted in the report covering the first half of the year. Despite credential compromise being the dominant root cause, more than 40% of the organizations in the dataset had no multi-factor authentication configured, so a stolen or guessed password was on its own enough to log in.
Shier stressed the importance of actively managing security risk, advocating measures that reduce exposure of vulnerable and remotely reachable services and that strengthen authentication. The report, based on global IR investigations across a range of sectors and countries, provides insight into how attacks are actually carried out and underscores the need for proactive controls against capable adversaries.