The report highlights significant changes in  the cybersecurity landscape, driven by sophisticated threat actors, an  expanding attack surface and the transformative power of AI.
"Armed  with a newfound arsenal of AI-based capabilities and a landscape littered with vulnerable  systems, cybercriminals are having a moment,” said Noopur Davis, Chief  Information Security and Product Privacy Officer, Comcast Corporation. 
	
	
		
		Our findings confirm that despite these advancements, a multi-layered approach combining advanced protection, detection, managed services, and vigilant maintenance of security practices, can help enterprises protect their digital assets and enhance their resilience against sophisticated threats.
	
	
 
This  report offers a comprehensive overview of the rapidly evolving global cyber  threat landscape, based on cybersecurity events detected by Comcast Business  across its security customers in 2023. The report highlights an intensifying  global threat landscape, including the following:
- AI  amplifies cyber risks but offers powerful tools to mitigate threats. 
 For  both bad actors seeking to steal corporate data and IT security professionals  tasked with protecting it, AI is changing the rules of engagement. Defenders  are increasingly utilizing AI and machine learning to analyze malware and log  data at scale, as well as to scan entire systems for anomalies and  automatically respond to threats. AI can act as a force multiplier for defensive  teams working to safeguard their organizations and data.
- Phishing  attacks are on the rise, threatening businesses worldwide.
 Phishing remains the primary method used by  attackers to gain initial access to networks, with over 2.6 billion  interactions detected by Comcast Business. Additionally, over 90% of the  phishing interactions Comcast Business blocked were designed to direct victims  to phishing sites hosting malware. The trend underscores the need for robust  anti-phishing technologies, user education, and email gateway platforms to  combat this growing threat.
- Bad actors are employing advanced lateral  movement techniques to navigate networks.
 Remote services were the most exploited method  for lateral movement, with over 409 million events detected by Comcast  Business. Employing tools like Endpoint Detection and Response (EDR) and  Managed Detection and Response (MDR) can help IT staff identify early-stage  threats by monitoring network activity for anomalies in user behavior. They help  protect devices connected to enterprise networks by using AI to proactively  detect, investigate, remove, and remediate malware, phishing, and ransomware.
- Attackers are increasingly using encrypted  channels and proxies to hide their command and control (C&C) communications.
 By exploiting these protocols, attackers can  mask their malicious activities and evade detection. Domain Name System (DNS)  tunneling remains a popular technique to bypass traditional security measures,  with over eight million observed events. Similarly, Transmission Control Protocol  (TCP) was used in 104,000 events to provide reliable communication channels,  often with encrypted payloads that further obscure malicious activities. The  use of Windows Remote Management (WinRM), which saw nearly 78 million events, was  also prevalent. These methods underscore the need for sophisticated detection  tools to identify and mitigate covert malicious activities.
- Distributed Denial of Service (DDoS) attacks  and ransomware pose significant risks.
 Comcast Business identified and blocked over one  billion attempts to destroy data. Additionally, there were more than 126  million blocked instances of malware or botnets designed specifically for  financial theft, underscoring the financial motivations behind many  cyber-attacks. DDoS attacks remained a major threat to Comcast Business  customers, with 103,000 reported events. This surge emphasizes the need for  robust DDoS protection and mitigation strategies.
The report provides CISOs, CIOs, and security  leaders with a deep dive into how cyber threats can breach and then spread across  global networks. This analysis enables them to make informed security decisions  for protecting critical assets. The report's trends and findings underscore the  importance of adopting a multi-layered approach to cybersecurity to bolster  defenses against evolving global threats.
                                                                    
To learn more about Comcast Business’s advanced  cybersecurity solutions, or to access the full 2024 Comcast Business  Cybersecurity Threat Report please visit: https://business.comcast.com/enterprise/products-services/cybersecurity-services.