In the first half of 2024, the Cybervergent Security Operations Center (SOC) identified 586,130 cyber threats, reflecting an increase in cyber-attacks across various sectors.
At an exclusive media roundtable hosted by the cybersecurity firm on the trends and developments that shaped the cybersecurity sector in the first six months of 2024, Gbolabo Awelewa, chief solutions officer at Cybervergent, explained the importance of cybersecurity vigilance.
“In the past, we did a lot of this work without making it public. As tech people, we worked with our customers and didn’t realize how much we could improve the ecosystem by sharing these insights,” Awelewa said, pointing to the need for greater transparency within the industry.
Cyber-attacks in Africa surged by 37%, with organizations facing an average of 2,960 attacks per week.
This surge, coupled with evolving threats, underscored the importance of SOCs in monitoring, detecting, and mitigating risks.
The SOC was likened to a fitness trainer, providing personalized recommendations to strengthen organizational cybersecurity measures, ensuring that systems remain resilient even in the dynamic threat space.
The H1 report also disclosed that 19,920 endpoints were actively protected, while 226,103 security events were resolved through automated processes. However, the SOC also faced challenges, including the identification of 13,305 false positives, which the platform meticulously filtered out.
Cyber Weaknesses and Challenges
The report shed light on weaknesses that continue to affect organizations, particularly in sectors like financial services and healthcare.
One major issue identified was the use of outdated legacy systems. “Many organizations, especially in financial services, are using legacy systems that are out of support. These systems often have vulnerabilities that can be exploited,” Awelewa said.
He noted that efforts to put compensating controls around such systems often lead to further complications, especially when resources are limited.
Other challenges included human error, insufficient training, and a lack of awareness of the latest security standards, which left many organizations vulnerable to breaches.
Awelewa further explained that fraud cases are often a result of intentional human actions, disguised as errors. “The biggest leaks in organizations today are due to human error — both intentional and unintentional,” he added.
Malware Trends and Threat Landscape
The report detailed several emerging malware threats that organizations faced, including SocGholish, which uses social engineering to trick users into downloading malicious files, and Scattered Spider (UNC3944), which bypasses multi-factor authentication and infiltrates through cloud identities.
The report also revealed the growing threat of Rilide Stealer, which targets Chromium-based browsers to steal email credentials and crypto assets, and of Vidar Infostealer, which compromises everything from crypto wallets to web browsers.
One of the most concerning pieces of malware identified was Vidar Infostealer, a particularly dangerous tool that targets Windows-based applications and crypto wallets. Awelewa described the malware as “capable of bypassing multiple security layers, leading to serious financial losses.”
He advised organizations to regularly update their software and educate employees on the latest phishing tactics to mitigate such risks.
Industry-Specific Challenges
Cybervergent’s report also disclosed sector-specific cybersecurity challenges. For instance, the healthcare sector faces several difficulties in handling sensitive patient data within complex systems, while the education sector is constrained by limited budgets, preventing investments in advanced security measures.
The manufacturing and retail sectors were noted for their struggle in balancing operational technology (OT) and IT security.
SOC as a Pillar of Resilience
Cybervergent’s SOC played a key role in defending against these evolving threats by continuously monitoring alerts, events, and threat indicators.
A total of 116,580 detection analytics were applied, and SOC analysts meticulously examined 304,522 events, leading to the identification of 42,200 potentially malicious activities. This approach allowed the SOC to tailor cybersecurity measures to improve clients’ overall cyber health.
Awelewa likened the SOC’s role to that of a fitness coach, constantly guiding organizations to strengthen their security posture. “Our job is to spot threats early and help our customers respond quickly. It’s all about being proactive,” he reiterated, stressing the need for organizations to adopt assertive cybersecurity measures instead of reactive approaches.
Cybervergent — H2 Focus on Zero-Day Exploits and CaaS
For the second half of 2024, Cybervergent looks to focus on combating zero-day exploits, strengthening cloud security, and addressing the rise of Cybercrime-as-a-Service (CaaS).
Awelewa emphasized the need for organizations to fortify their defences, particularly against insider threats and sophisticated ransomware attacks.
He called on all organizations to prioritize cybersecurity, treating it not just as a compliance requirement but as an integral component of their operational strategy.
Remaining vigilant and investing in strong security tools will enable companies to build a more resilient defence even as the digital environment becomes more hostile.
“In cybersecurity, it’s not about if an attack will happen, but when. Preparedness is key,” Awelewa concluded.