STOCK TITAN

Comcast Business Report Finds Global Cybersecurity Community at a Crossroads as Technology Advancements Accelerate

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags
Rhea-AI Summary
Comcast Business releases its inaugural Cybersecurity Threat Report, providing insights into the global cybersecurity landscape and strategies to protect organizations. The report highlights the prevalence of phishing and malware attacks, the importance of user awareness, and the need for comprehensive security solutions. It also discusses the exploitation of vulnerabilities like open ports and misconfigured systems, the targeting of remote desktop vulnerabilities, and the ongoing threat of the Apache Log4j vulnerability. Distributed Denial-of-Service (DDoS) attacks are also a concern, with the education sector being the most targeted industry segment.
Positive
  • Comcast Business releases its inaugural Cybersecurity Threat Report, providing insights into the global cybersecurity landscape and strategies to protect organizations.
  • The report highlights the prevalence of phishing and malware attacks and the importance of user awareness.
  • It emphasizes the need for comprehensive security solutions and the exploitation of vulnerabilities like open ports and misconfigured systems.
  • The report discusses the targeting of remote desktop vulnerabilities and the ongoing threat of the Apache Log4j vulnerability.
  • Distributed Denial-of-Service (DDoS) attacks are also a concern, with the education sector being the most targeted industry segment.
Negative
  • None.

Cybersecurity Threat Report dissects 23.5 billion attempted cybersecurity attacks against Comcast Business customers – phishing and malware dominate threat landscape

PHILADELPHIA--(BUSINESS WIRE)-- Comcast Business today announced the release of its inaugural Comcast Business Cybersecurity Threat Report, presenting essential insights into the global cybersecurity landscape and effective strategies for technology and security leaders to safeguard their organizations against evolving cyber threats.

“Technology is accelerating at a breakneck pace – bringing sophisticated new tools to both attackers and defenders. And although attacker tools are evolving, social engineering continues to be the leading tactic used to breach corporate networks,” said Noopur Davis, Executive Vice President, Chief Information Security and Product Privacy Officer, Comcast Corporation and Comcast Cable. “CISOs and CIOs have to adjust to the evolving threat landscape to protect their organizations and customers.”

The report leverages data from 23.5 billion cybersecurity attacks, spanning 500 threat types and 900 distinct infrastructure and software vulnerabilities, that Comcast Business helped customers navigate in 2022 and sheds light on the new threat matrix and strategies adversaries employ to access enterprise networks. Key themes from this year’s report include:

  • The majority of breaches now originate with the users of internal and external resources. Cyber-attacks used to begin with an exploit of a vulnerability in public-facing network resources that connect to applications and infrastructure within the network perimeter. Research has shown that today, approximately 67% of all breaches start with someone clicking on a seemingly safe link, which explains why adversaries begin 80-95% of all attacks with a phish.
  • Adversaries' use of reconnaissance tactics underscores the importance of only accepting network connection requests from trusted sources.
    Attackers do their homework to uncover vulnerabilities, like open ports and misconfigured systems, as evidenced by the 242 million reconnaissance scans of customer networks and assets. The top reconnaissance tools employed by adversaries include vulnerability scanners, botnets and phishing. Once inside a network, adversaries made 2.6 million attempts to modify or create new firewall rules to establish external communications for command-and-control operations and data exfiltration.
  • Remote desktop has become an increasingly targeted vulnerability.
    Adversaries used various methods, including remote desktop, theft and brute force attacks to steal credentials and gain unauthorized access to customer networks. Customer logs documented over 54 million attempts to exploit credentials for initial access. Additionally, bad actors capitalized on vulnerable Remote Desktop Protocol (RDP) configurations, resulting in over 185 million attempts to gain remote access. Unauthenticated users also exploited vulnerabilities in Transmission Control Protocol (TCP) and made 139 million attempts to establish connections to victim servers. Furthermore, credential-stealing malware contributed to 159 million attempts by adversaries to steal and use credentials to infiltrate compromised networks.
  • Adversaries continue to exploit the Apache Log4j vulnerability.
    The Apache Log4j vulnerability remains a significant threat due to the widespread deployment of millions of Java applications, leaving a staggering 72% of organizations vulnerable to exploits. Comcast Business prevented nearly 105 million Log4j exploit attempts in 2022. By regularly updating systems and optimizing operating performance, businesses can fortify their endpoints against potential cyber-attacks and mitigate the risks associated with Log4j exploits.
  • Distributed Denial-of-Service (DDoS) attacks will continue to be a concern as the world becomes more interconnected.
    Comcast Business detected 51,915 DDoS attacks in 2022. IT and technical service customers saw an increase in DDos attempts, making up 25% of attempts, joining education (46%), finance (14%) and healthcare (13%) as the most targeted industry segments. These attacks aimed to disrupt critical database servers and network resources, with over 210 million instances of denial-of-service attacks recorded.

“No organization has perfect security, but everyone needs to understand their cybersecurity risks and build a plan to address the threats and trends the industry is experiencing,” said Shena Seneca Tharnish, Vice President, Secure Networking and Cyber Security Solutions. “Technology teams today are best served through a comprehensive suite of powerful security solutions orchestrated to provide multiple layers of security.”

Download the 2023 Comcast Business Cybersecurity Threat Report here. To learn more about how Comcast Business can help safeguard your organization from an evolving set of cybersecurity threats, please visit our website.

About Comcast Business

Comcast Business offers a broad suite of technology solutions to keep businesses of all sizes ready for what’s next. With a range of offerings including connectivity, secure networking, advanced cybersecurity, and unified communications solutions, Comcast Business is partnering with business and technology leaders across industries and integrating Masergy, a leader in software defined networking, to help drive businesses forward. Backed by a next-generation network, Comcast Business has been recognized for its growth, innovation, and leadership in global secure networking.

For more information, call 800-501-6000. Follow on Twitter @ComcastBusiness and on other social media networks at http://business.comcast.com/social.

About Comcast Corporation

Comcast Corporation (Nasdaq: CMCSA) is a global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, our businesses reach hundreds of millions of customers, viewers, and guests worldwide. We deliver world-class broadband, wireless, and video through Xfinity, Comcast Business, and Sky; produce, distribute, and stream leading entertainment, sports, and news through brands including NBC, Telemundo, Universal, Peacock, and Sky; and bring incredible theme parks and attractions to life through Universal Destinations & Experiences.

Matt Helmke, Corporate Communications

Comcast Corporation

215.286.8666

matt_helmke@comcast.com

Source: Comcast Corporation

FAQ

What does the Comcast Business Cybersecurity Threat Report provide?

The report provides insights into the global cybersecurity landscape and strategies to protect organizations.

What are the key themes discussed in the report?

The report highlights the prevalence of phishing and malware attacks, the importance of user awareness, and the need for comprehensive security solutions.

What vulnerabilities are exploited by attackers?

Attackers exploit vulnerabilities like open ports and misconfigured systems, as well as remote desktop vulnerabilities.

What is the ongoing threat mentioned in the report?

The report highlights the ongoing threat of the Apache Log4j vulnerability.

Which industry segment is most targeted by Distributed Denial-of-Service (DDoS) attacks?

The education sector is the most targeted industry segment for DDoS attacks.

Comcast Corp

NASDAQ:CMCSA

CMCSA Rankings

CMCSA Latest News

CMCSA Stock Data

163.11B
3.79B
0.71%
87.26%
1.6%
Telecom Services
Cable & Other Pay Television Services
Link
United States of America
PHILADELPHIA