2023 Comcast Business Cybersecurity Threat Report
Technology is accelerating faster than it ever has before, giving IT and security teams more tools to fend off cybersecurity attacks from an increasingly diverse slate of bad actors. However, the tactics attackers are using to access systems are also growing more sophisticated by the day. Access to armies of botnets and sprawling lists of customer data is just a few clicks away on the dark web.
The 2023 Comcast Business Cybersecurity Threat Report was developed to help technology and security leaders get a deeper understanding of trends in cybersecurity threats—and the steps they can take to help protect their organizations from an evolving set of threats. Our goal is to provide insights from billions of threat data points and context around common ways that cybersecurity attacks arise and unfold.
This report provides a wide-angle view, based on the analysis of 23.5 billion cybersecurity attacks Comcast Business detected across our vast pool of security customers in 2022. The numbers presented throughout the report represent the collective and anonymized data of customers using Comcast Business security solutions, including DDoS mitigation, endpoint detection and response, vulnerability scanning and exposure management, managed detection and response, and others.
In this report, we explore:
- The anatomy and chronology of a cyberattack: From pre-attack reconnaissance and initial access attempts to lateral movement, discovery, and extraction, we’ll unpack every stage of a cyberattack and the tools and methods adversaries use to gain access to and exploit your network and systems.
- Critical links between malware and phishing: With the majority of malware delivered via phishing, it’s imperative to understand the doors that phishing opens to network access and how adversaries use backdoor malware—with 14 million attempts observed in 2022—to establish command and control centers and ensure repeatable access.
- A growing vulnerability landscape: Over 26,000 new application and infrastructure vulnerabilities were added to the National Vulnerability Database last year. Explore the most prevalent categories, walk through the top 10 vulnerability exploits observed by Comcast Business in 2022, and understand evolving best practices for patch management.
- Common evasion tactics: Once inside a network, adversaries use ever-changing techniques to elevate permissions, hijack credentials, modify policies, and gain root access to other systems while remaining invisible to security teams. This report will walk through the nearly 27 million suspected evasion tactics logged by Comcast Business last year, including critical vulnerabilities exploited in common business software applications.
- Exfiltration and impact techniques and consequences: Adversaries always have an end goal. Explore the most common manipulation tools enemies use to extract value from data and systems, including data theft, ransomware, resource hijacking, and distributed denial of service.
As a critical network provider, offering connectivity and security services to businesses of all sizes, we’re proud to launch the first iteration of this report. We hope it will help technology leaders understand—based on real-life data—where the most pressing threats loom and how they can best invest their cybersecurity efforts and resources.