To ensure the X-Analytics Application remains current and produces reliable outcomes, the X-Analytics Research Team aggregates and analyzes historical and cyber risk intelligence data to calibrate backend variables within X-Analytics.
This update includes:
Threat
Industry Threat Baselines: -0.9% change
The industry threat baselines decreased by an average of 0.9% since the last update.
Most notable, Transportation & Warehousing (48,49), Public Administration (92), and Accommodations and Food Services (72) have the largest decreases in threat activity. For this most part, these industries are experiencing a decrease in insider misuse and human error activity
However, Finance and Insurance (52), Healthcare and Social Assistance (62), and Professional, Scientific, and Technical Services (54) continue to have the most significant threat activity. These industries are experiencing high volumes of web application attacks and everything else (which is an aggregation of unknown or undisclosed activity).
Denial of Service Attacks, Crimeware (including ransomware), and Web Application Attacks are the top three threat categories (in order of most likely to least likely).
The decrease in threat activity is partially related to decreases in insider unauthorized access, misconfigured firewalls, document theft, non-compliance issues, and identity theft.
Threat Conclusion: The decrease in threat activity will cause a decrease in cyber exposure for most customers.
Data Breach Probability
Data Breach Probability Baseline: -1.8% change
Data breach probability baseline decreased by an average of 1.8% since the last update.
The decrease in data breach probability is related to an increase in phishing, ransomware which includes data theft, and document theft.
The average size of data breach is still holding between 100k and 200k records.
Data Breach Conclusion: The decrease in data breach probability will cause a decrease in data breach cyber exposure for most customers.
Business Interruption
Business Interruption (DoS) Probability Baseline: -8.3% change
Business interruption (DoS) probability baseline decreased by an average of 8.3% since the last update.
However, short duration DDoS attacks increased since the last update. The DoS baseline probability increased by 9.4% for durations between 0.5 hours and 4 hours, increased by 63.2% for durations between 5 hours and 8 hours
The DoS baseline probability decreased by 13.2% for durations greater than 8 hours
The increase in short duration DDoS attacks is mainly related to an increase in HTTP-based DoS attacks and OSI model layers 3 and 4 based DoS attackss.
The increase in short duration DDoS attacks is mainly related to an increase in HTTP-based DoS attacks and OSI model layers 3 and 4 based DoS attacks.
Business Interruption (Other) Probability Baseline: -4.3% change
Business interruption (Other) probability baseline decreased by an average of 4.3% since the last update.
The decrease in probability is directly related to improve cyber resilience actions, such as error reduction, fast failover capabilities and better IT management.
Business Interruption Conclusion: The decrease in business interruption (DoS) probability and the decrease in business interruption (Other) probability will cause a decrease in business interruption cyber exposure for most customers.
Ransomware
Ransomware Probability Baseline: +0.7% change
Ransomware baseline probability has increased by an average of 0.7% since the last update.
This slight increase in ransomware probability is related to an increase in Akira, BlackCat (including Scattered Spider), Rhysida, Lockbit, and other ransomware activity.
Ransomware Extortion: +4.4% change
Low Impact Extortion: +5.0% change Ransomware low impact extortion has increased by 5.0% since the last update.
Median Impact Extortion: +4.4% change Ransomware median impact extortion has increased by 4.4% since the last update.
High Impact Extortion: +2.2% change Ransomware high impact extortion has increased by 2.2% since the last update.
Worst-Case Impact Extortion: +1.9% change Ransomware worst-case impact extortion has increased by 1.9% since the last update.
This increase in ransomware extortion is a related to an increase in organizations paying the ransom and an increase in extortion demands (despite strong negotiation tactics to reduce extortion amounts).
Ransomware Conclusion: The increase in ransomware probability and the increase in ransomware extortion will cause an increase in ransomware cyber exposure for most customers.
Misappropriation
Misappropriation Probability Baseline: +1.3% change
Misappropriation probability baseline has decreased by an average of 1.3% since the last update.
The increase in misappropriation probability is partially related to an increase in outside social engineering attacks.
Misappropriation of Funds - % of Payments Related to Fraud: -4.6% change
Misappropriation of Funds (% of payments related to fraud) has decreased by 4.6% since the last update.
The decrease in "percent of payments related to fraud" is partially related to improved, ACH, and other fraud countermeasures.
Misappropriation Conclusion: The increase in misappropriation probability will cause an increase in misappropriation of intellectual property cyber exposure for most customers, and the decrease in "percent of payments related to fraud" will cause a decrease in misappropriation of funds cyber exposure for most customers.
If you have questions, please submit a support request here.