According to the report, 22.9% of all detected high-severity incidents were recorded in the government sector. IT companies came second (15.4%), closely followed by financial and industrial companies that reported 14.9% and 11.8% of incidents respectively.
The annual Managed Detection and Response (MDR) Analyst Report provides information about the reported incidents, their nature, and their distribution by industry and geographic region. It also highlights the most common tactics, techniques and tools attackers used in the past year. These results are based on analysis of MDR incidents detected by the Kaspersky Security Operations Center (SOC).
Regarding the nature of these incidents, nearly 25% of them were driven by humans. The percentage of malware attacks resulting in serious consequences dipped slightly in 2023 compared to previous years, accounting for just over 12% of the total reported critical incidents. This decline represents the smallest share of high-severity incidents in recent years and can be attributed to the “commoditization of attacks”.
The 2023 MDR report also found that the proportion of incidents involving the detection of targeted attack artefacts, publicly available critical vulnerabilities and the use of social engineering was around 4-5%.
Meanwhile, comparing cyberattack statistics for Pakistan between the first quarters of 2023 and 2024 reveals a mixed landscape of threats. According to Kaspersky telemetry, backdoor attacks saw a moderate increase in 2024, indicating persistent vulnerabilities in digital infrastructures. The most notable surge was observed in spyware attacks, with a 300% increase in cases during Q1 of 2024 compared to Q1 of 2023, highlighting growing concerns over espionage and data exfiltration. Banking malware attacks, by contrast, show a decline of more than 50% from 2023. These fluctuations emphasize the imperative for continuous enhancement of cybersecurity measures to protect Pakistan’s digital infrastructure from diverse and evolving threats.
“In 2023, Kaspersky detected a smaller number of high-severity incidents, but observed a simultaneous increase in the number of medium and low severity ones. It’s important to understand that the low number of high-severity incidents does not necessarily indicate low damage. Targeted attacks are now planned more carefully, and become more dangerous. Therefore, we recommend the use of effective automated cybersecurity solutions managed with the help of experienced SOC analysts,” comments Hafeez Rehman, Technical group manager at Kaspersky.
To enhance protection against advanced attacks, companies are advised to implement effective cybersecurity solutions and hire qualified practitioners to manage them or adopt managed security services such as Managed Detection and Response (MDR) and Incident Response.
The full Kaspersky Managed Detection and Response Analyst Report 2023 is available via this link.