Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Trustwave SpiderLabs, in its just-released report 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies, has uncovered an increasing number of ransomware, third-party supplier, and technology-based attacks targeting the professional services sector.
The professional services sector, which includes consulting, business, management consulting, accounting, and legal services for this report, is a prime target for threat actors due to the treasure trove of information these businesses contain. This data can range from intellectual property to legal documents to client personally identifiable information (PII), which can be sold on the Dark Web or used to launch additional attacks.
Beyond the possibility of having an organization or firm physically impacted or knocked offline, a cyberattack has the potential to do an untold amount of reputational damage, which in the long run, could destroy the victim's ability to conduct business. Additionally, many professional services firms must adhere to federal, state, and local compliance regulations that, if broken or abused through a cyberattack, can cause additional financial loss and stress on the business and its leadership.
"In today's digital landscape, a cybersecurity breach for professional services firms isn't just an inconvenience, it can be catastrophic," said Trustwave Global CISO Kory Daniels. "The financial losses from recovery, legal fees, and potential fines are just the tip of the iceberg. The severe reputational damage can erode years of client trust and stall future business. Operational disruptions, employee stress, and increased regulatory scrutiny further compound these challenges. This is why robust cybersecurity is no longer optional, it's a critical priority for these information-rich firms.
The Trustwave SpiderLabs report notes that many threats facing professional services providers overlap with those with which the healthcare, financial, manufacturing, and other sectors deal. However, each threat has a slightly different spin in this category.
Interestingly, Trustwave SpiderLabs found Lockbit and Blackcat/ALPHV among the most active threat actors, although this may change in the future as each was disrupted by recent law enforcement actions. These groups remain the top two most active ransomware operators, with only slight differences in the frequency of reported incidents. The third position is now occupied by the 8Base group.
All attack groups use the same bag of tricks for attacking professional service organizations as other sectors. Phishing, Business Email Compromise, exploiting vulnerabilities, various types of malware, and gaining access via access and data brokers who operate on the Dark Web. However, while the tactics are similar, threat groups put a special spin on them when used against a professional services firm.
For example, Trustwave SpiderLabs researchers have monitored attorney impersonation scams. Attorney impersonation involves pretending to be a legal representative of a vendor company or law firm to deceive victims with fake invoices, directing payments to attackers' bank accounts. Scammers use a similar method, pretending to be debt recovery officers, and esignature platforms like DocuSign and Adobe Sign, commonly used in professional services circles, luring people into clicking malicious links.
Additional examples, along with security recommendations and mitigations, are included in the report.
The professional services sector report is the latest in a series researched and published by Trustwave SpiderLabs. Please visit these for an in-depth analysis of the security issues facing each industrial sector:
Please download the 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies for all the background details on these threats, the groups behind them, and how to properly defend your professional services firm.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.