55% of threat groups active in 2024 were financially motivated | Security Magazine

Mandiant’s latest report highlights a growing trend in financially motivated cyberattacks, with 55% of tracked threat groups in 2024 driven by profit—up from 52% in 2023. Exploits remained the top initial attack vector (33%) for the fifth straight year, while stolen credentials surged to second place (16%) for the first time. Other notable vectors included phishing (14%) and web compromises (9%). The most targeted sectors were financial services, business services, high tech, government, and healthcare. Alarmingly, 57% of breaches were first detected by external parties, including law enforcement, vendors, or the attackers themselves.