SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Cybersecurity
#
IT Industry

IT-ISAC identifies top cyber threats using new framework

Today
Author image
By Shannon Williams, Journalist

The Information Technology - Information Sharing and Analysis Center (IT-ISAC) has identified significant cyber threat actors targeting the IT industry, using a new framework designed to assess such risks.

The report, known as the IT Sector Cyber Threat Report, employs the Predictive Adversary Scoring System (PASS) to meticulously evaluate adversaries. PASS leverages a set of metrics that measure numerous risk factors, including level of activity, frequency of sector targeting, sophistication or impact, and motivation. This approach allows for a rating system where threat actors are scored up to a maximum of 128 points. Through this analysis, IT-ISAC identified 58 high-risk adversaries from a pool of over 230 known threats.

According to Scott Algeier, Executive Director of the IT-ISAC, understanding the motivations and operations of these cyber adversaries is crucial. "Understanding who is targeting the IT sector, how they operate, and what motivates them is crucial for companies to manage risks," said Algeier. He further noted the benefits of PASS by stating, "PASS helps organizations make data-driven decisions so that they can allocate their limited resources to maximum effect."

The report highlights the top five threat actors, detailing their motivations, commonly used tactics, techniques, and procedures (TTPs), and suggests steps for companies to mitigate associated risks. Prominent names among the threat actors include Lazarus with a score of 118 out of 128, Scattered Spider scoring 108, and the newly active group RansomHub with a score of 97.

The motivational drivers behind these threats are split closely between financial incentives and geopolitical reasons, with 51.7% of threats being financially motivated and 48.3% geopolitically. Spearphishing attacks remain the most utilised tactic by these adversaries.

IT-ISAC plans to elaborate on these findings in an upcoming public webinar, aimed at offering insights into the evolving cyber threat landscape. This webinar will cover the most prolific threat actors of 2024, their attack patterns, and predictions for cyber threats in 2025, including expected trends and mitigation strategies. A live question and answer session with IT-ISAC analysts and cybersecurity professionals will also be part of the event.

The full report detailing these findings is available to IT-ISAC members, though a public version summarising key points is also provided. Members gain access to more in-depth analyses of non-public findings, which supports their cybersecurity preparedness efforts.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Medusa ransomware threat continues to challenge firms
Brivo unveils cloud-based platform to simplify security
Kiteworks achieves FedRAMP High Ready status for Gov Cloud
Mandiant uncovers UNC3886 cyber-attack on Juniper routers
SUSE integrates with Microsoft for enhanced cloud security
Top stories
CASwell introduces AI-enhanced fan-less cybersecurity device
VMware vulnerabilities highlight need for data protection
US leads global online fraud rates, new study reveals
FBI warns of rising threat from Medusa ransomware group
Exclusive: GBG's Carol Chris on innovation, fraud prevention and growth