Comcast publishes 2024 Cybersecurity Threat Report. Comcast contractor hit with cyberattack

Sponsor ad - 728w x 90h (at 72 dpi)

An analysis of 29 billion attempted cybersecurity attacks against customers of Comcast Business found that cybercriminals leverage AI to create more convincing deepfakes and phishing attacks.  While the findings published in the resulting report wasn’t specifically about ‘piracy,’ it shows how vulnerable business enterprises can be to the theft of data that can drive pirate attacks against consumers.

At the same time, AI and machine learning are increasingly being used “to analyze malware and log data at scale, as well as to scan entire systems for anomalies and automatically respond to threats. AI can act as a force multiplier for defensive teams working to safeguard their organizations and data,” said Comcast Business.

Sponsor ad

The Comcast Business 2024 Cybersecurity Threat Report details the evolving global cyber threat landscape, based on cybersecurity events detected by Comcast Business across its security customers in 2023.

According to this analysis, as well as publicly-available data from third-party sources, Comcast found “a marked increase in the frequency and complexity of attacks, particularly in areas like phishing, ransomware, and exploitation of public-facing applications.

“Dark web marketplaces continue to facilitate the exchange of sophisticated malware, stolen credentials, and other illicit tools and services, enabling even novice attackers to launch highly effective campaigns,” said Comcast Business.

Popular Credential Access Techniques. Source: 2024
Comcast Business Cybersecurity Threat Report. Comcast Business

In addition to those conclusions, Comcast Business found that attackers increasingly use encrypted channels and proxies to hide their command and control communications, and that cybercriminals exploit advanced lateral movement techniques to evade detection. DDoS and ransomware attacks also continue to pose great risk.

Comcast not immune

In an ironic twist, a third party debt collection agency used by Comcast, Financial Business and Consumer Solutions (FBCS), suffered a ransomware attack that resulted in theft of the personal data of 237,703 individuals who were Comcast subscribers in 2021.   The office of the Attorney General for the State of Maine posted the breach notification on its Web site.  According to TechCrunch, it was a ransomware attack.

An announcement by FBCS detailed that hackers gained access to their names, addresses, Social Security numbers, dates of birth, and Comcast account numbers and ID numbers. The attack was discovered in Feburary 2024. Comcast notified those affected on August 16, 2024.

According to FBCS, “the type of information that may have been impacted varies per person and may include consumer name, address, date of birth, Social Security number, driver’s license number, other state identification number, medical claims information, provider information, and clinical information (including diagnosis/conditions, medications, and other treatment information), and/or health insurance information.”

Again, to be clear, this was a contractor, not Comcast.

Further reading

Comcast Business 2024 Cybersecurity Threat Report: Artificial Intelligence Drives New Era of Cyber Threats and Defenses. Press release. October 7, 2024. Comcast Business (via Businesswire)

The 2024 Comcast Business Cybersecurity Threat Report. Web landing page (enter contact details to download). October 7, 2024. Comcast Business

Comcast says customer data stolen in ransomware attack on debt collection agency. Article. October 7, 2024. TechCrunch

Notice of Data Event (the cyberattack that exposed Comcast customer data). Announcement. (Undated). Financial Business and Consumer Solutions Inc.

(Notice of data breach to Comcast Cable Communications LLC (supplemental notice regarding incident at Financial Business and Consumer Solutions, Inc. (“FBCS”)). Web landing page. Data Breach Notifications. Office of the Maine Attorney General.

Why it matters

The Comcast Business Cybersecurity Threat Report provides CISOs, CIOs, and security leaders with a deep dive into how cyber threats can breach and then spread across global networks. This analysis enables them to make informed security decisions for protecting critical assets. The report’s trends and findings underscore the importance of adopting a multi-layered approach to cybersecurity to bolster defenses against evolving global threats.

“The evolving threat landscape demands a multi-layered approach to cybersecurity. Organizations must prioritize the implementation of advanced detection and response capabilities, enhanced network monitoring, and proactive threat hunting strategies. The interplay between various attack vectors underscores the need for a holistic “Defense-in-Depth” security posture that integrates technological solutions with comprehensive managed services and effective staff training and education programming,” said Comcast Business

Comcast is one of the world’s largest providers of media programming and telecommunications services.  Like other large communications providers – such as Verizon Business and Amazon Web Services, to name just two – Comcast leverages the expertise it built for internal use, to provide professional services to other companies – hence, Comcast Business.

With respect to the hack against FBCS, the question as to why a collection agency would find “clinical information (including diagnosis/conditions, medications, and other treatment information), and/or health insurance information” to be useful is a question for another day.

All the more reason for consumers to question the use of personal details by service providers, which are always at risk for attacks that will expose and exploit it.

From our Sponsors