Comcast Business released its 2024 Cybersecurity Threat Report, providing IT and security professionals with in-depth analysis of 29 billion cybersecurity events detected across its security customers in 2023. The report provides insight into ‘a rapidly evolving cyber landscape, where sophisticated threat actors, an expanding attack surface and AI are reshaping both cyber threats and defense strategies.
This report highlights the transformative role of AI in cybersecurity, which, while amplifying risks, also provides powerful mitigation tools. AI allows defenders to analyze malware, record data at scale, search for anomalies in systems, and respond automatically to threats, acting as a force multiplier for cybersecurity teams. Meanwhile, the report identifies phishing as the leading tactic used by attackers to gain first access, with more than 2.6 billion phishing-related interactions detected and 90% of these interactions directing users to phishing sites hosting malware.
Additional findings reveal the prevalence of advanced lateral movement techniques within networks, with remote services being the most leveraged method, as evidenced by 409 million detected events. Tools like Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR) are essential for monitoring user behavior and detecting threats early. Attackers are also increasingly using encrypted channels, proxies, and protocols such as Domain Name System (DNS) tunneling to evade detection, with more than eight million events associated with DNS tunneling and 104,000 related to TCP (Transmission Control Protocol) events.
Noopur Davis, Chief Information Security and Product Privacy Officer, Comcast Corporation
Armed with a new arsenal of AI-driven capabilities and a landscape full of vulnerable systems, cybercriminals are enjoying a prime moment. Our findings confirm that despite these advances, a multi-layered approach combining advanced protection, detection, managed services, and vigilant maintenance of security practices can help businesses protect their digital assets and improve their resilience against sophisticated threats.
