1、CTI Spotlight Trends ReportOctober 2024Methodology2 Kroll CTI monthly spotlights are based on intelligence from Krolls cyber incident response engagements where we are engaged to respond,manage,or mitigate a cybersecurity incident.Krolls incident response work is informed by intelligence gained from

2、 the 3,000+engagements handled per year by the Kroll Cyber Data&Resilience team.Data is collected and processed by the Kroll Cyber Threat Intelligence team during the initial scoping intake as well as during the lifecycle of a Kroll engagement.Kroll currently reports on data on a monthly and quarter

3、ly basis through the monthly spotlights and Quarterly Threat Landscape reports.TLP:CLEARKey Takeaways Key Takeaways Initial Access MethodsInitial Access MethodsPhishing Link(29%)Valid Accounts Insider(25%)Social Engineering(19%)Most Impacted SectorsMost Impacted SectorsTop Ransomware VariantsTop Ran

4、somware VariantsCLOAK MEDUSA RAWORLD CHORTLOCKER Top Threat Incident TypesTop Threat Incident Types Email Compromise(48%)Insider Threat(19%)Unauthorized Access(13%)Ransomware(9%)Professional Services(24%)Financial Services(18%)Manufacturing(16%)TLP:CLEARSector AnalysisOctober 2024PROFESSIONAL SERVIC

5、ES WAS THE MOST IMPACTED SECTOR THROUGHOUT OCTOBER 2024 Email Compromise was the top threat incident type impacting the professional services sector.In October,threats against the professional services sector most often involved Phishing Link and Social Engineering as the initial access methods.FINA

6、NCIAL SERVICES WAS THE 2nd MOST IMPACTED SECTOR IN OCTOBER 2024 Email Compromise was the top reported threat incident types impacting the manufacturing sector.In October,threats against the manufacturing sector most often involved Phishing Link as the initial access method.TLP:CLEARRansomware Analys