Arctic Wolf 2024 Trends Report Reveals 70% of Businesses Targeted by BEC Attacks

Source: Arctic Wolf | Published on June 4, 2024

BEC attacks

Arctic Wolf®, a global leader in security operations, published findings from its annual State of Cybersecurity: 2024 Trends Report, based on a global survey the company commissioned from Sapio Research of over 1,000 senior IT and cybersecurity decision-makers from over fifteen different countries.

The State of Cybersecurity: 2024 Trends Report provides security executives and practitioners with insights into the current and future state of the cybersecurity landscape so they can help their organizations deliver positive security outcomes in an ever-evolving threat environment and remain on the forefront of cyber defense.

Key findings from the report include:

  • Business Email Compromise (BEC) Now Top Method of Attack: Almost three quarters (70%) of organizations were the targets of attempted BEC attacks in the last year, with almost a third (29%) of these targets becoming victims of one or more successful BEC occurrences.
  • Successful Data Exfiltration Dominates Rampant Ransomware Attacks: Nearly half (45%) of respondents claim their organization suffered a ransomware attack in the last 12 months, an increase from last year, with the majority (86%) of those attacks including successful data exfiltration.
  • Breach Disclosure Regulations Are Forcing Transparency: Two thirds (66%) of organizations that suffered a data breach in the last year chose to publicly disclose information regarding their incidents, while a third (30%) only disclosed their breaches to impacted parties.
  • Cyber Insurance Is the New Table Stakes in Risk Management: Cyber insurance demand and adoption is widespread, with an exceedingly small fraction (5%) of organizations deciding not to acquire coverage. Of the remaining organizations surveyed, the majority (66%) have an active cyber insurance policy, while a near additional third (29%) are in the process of obtaining or planning to obtain a policy this year.
  • With Rise of Generative AI, Usage Policies Are a Priority for Organizations: A staggering majority of organizations (94%) either currently have or plan to implement adoption and usage policies around generative AI and large language models (LLM) tools this year.

“This year’s insights highlight the increasing sophistication of threat actors and the realities of cyber incidents for organizations all around the world. Attackers are focusing on the human element, as evident with the overwhelming targeting via business email compromise. No matter the method of intrusion, the stakes are even higher for business leaders as most successful ransomware attacks involve data exfiltration,” said Ian McShane, vice president, Managed Detection and Response (MDR), Arctic Wolf. “While we are encouraged by the increased adoption of cyber insurance and incident response readiness programs, it is clear that there is still work to be done to overcome perennial challenges for cybersecurity leaders, including the increased financial and productivity losses due to ransomware.”