30% of Security Breaches in First Half of Year Are Data Leakage Attacks... Proliferation of Specialized Penetration Brokers

by Kim Chulhyun

Published 20 Jun.2023 12:00(KST)

Initial Access Broker (IAB) Proliferation
Ransomware Attack Segmentation
Increased Use of Old Vulnerabilities

In the first half of this year, information leakage incidents involving the theft of corporate secrets or individuals' financial information accounted for the highest proportion at 30%. On the 20th, SK Shieldus (CEO Park Jin-hyo) held a media seminar sharing the major security trends and outlook for the first half of the year, revealing these findings. EQST, SK Shieldus's white-hacker expert group, introduced major hacking cases that occurred in the first half, breach incident statistics by industry, and key attack scenarios during the seminar.

EQST reported that the attack rate in the first half of this year increased by 49.33% compared to the first half of the previous year. In particular, large-scale ransomware attacks exploiting old vulnerabilities and malware infection incidents abusing zero-day vulnerabilities increased, accounting for 28% of the total. EQST explained that ransomware groups are becoming increasingly organized, and an ecosystem has been established where attacks can be easily attempted without specialized knowledge to gain financial benefits.

SK Shielders EQST Lab Head Lee Hoseok is giving a presentation on the "Statistics of Security Incidents by Type" at the '2023 First Half Security Trends and AI Security Threat Outlook' media seminar held on the morning of the 20th at the SUPEX Hall in SK T Tower, Jung-gu, Seoul.

Looking at breach incident statistics by industry, manufacturing accounted for the highest proportion domestically at 19%. This was due to the active activities of Initial Access Brokers (IABs) specializing in initial infiltration to steal corporate confidential or business information targeting the manufacturing sector. Attacks exploiting solution vulnerabilities targeting the service industry were also prevalent. Domestically, this accounted for 15%, the second highest after manufacturing. Internationally, it was the highest at 20%. Breach incidents involving the distribution of malware targeting virtual assets to steal financial information recorded 12% domestically and 14% internationally.

EQST forecasted the major security threats for the second half of the year as ▲ expanded software supply chain attacks ▲ changes in the ransomware market ▲ increase in North Korea-originated hacking ▲ attacks exploiting software vulnerabilities ▲ diversification of phishing patterns. In particular, it analyzed that representative North Korean hacker groups such as 'Kimsuky' and 'Lazarus' are enhancing spear phishing targeting specific targets and malware functionalities, which is expected to increase the damage.

Hot Picks Today

"Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①

EQST also revealed security threats related to generative AI, which has recently emerged as a mega trend, along with corresponding attack scenarios. Security threats are broadly classified into types targeting AI models and training data, and threats arising from the abuse of AI-utilized services. Threats targeting AI models include attacks that manipulate input data or add malicious data to manipulate the model. Lee Jae-woo, head of the EQST Business Group at SK Shieldus, said, "As generative AI advances, automation of attacks and leveling up of attack sophistication are expected, and generative AI will be essential for defense against such attacks." He added, "EQST will conduct research on the application of generative AI for defense and proactively propose countermeasures against increasingly sophisticated attacks."

한글 기사 보기

This content was produced with the assistance of AI translation services.