Ransomware, on the other hand, dropped to 16%, from 23% of incidents in the previous quarter, Kroll noted, possibly due to the deregulation of ransomware-as-a-service organizations such as LockBit and BlackCat.
Insider threats are often malicious
Insider threats, the report says, hit professional services the hardest, accounting for 23% of incidents, followed by financial services (14%) and technology and telecom (11%). But, he noted, incidents involving technology and telecom are likely to be insider threats.
“Since most of the technology providers that work with many customers fall down, an insider with access to many technology providers may have the ability to reverse the bad work for customers, which puts the supply chain at risk of attack,” it said. And almost all insider threat incidents — 90% of them, in fact — were deemed intentional, and therefore malicious. Kroll said, “This highlights the importance of insider threats and neglect as a form of threat to companies.”
Source link