Artificial Intelligence, Machine Learning Headline Comcast’s Annual Threat Report

Comcast Business logged 29 billion cybersecurity “events” last year, with both the old (phishing) and the new (AI and machine learning) sharing the spotlight.
The company’s 2024 Cybersecurity Threat Report illuminated a vast and sophisticated landscape. Among the top trends is the impact of AI and machine learning on the tug of war between bad actors and cybersecurity professionals. Those professionals, the report found, are using these tools to analyze malware, log data at scale and scan entire systems for anomalies.
Other highlights from the report announcement:
- Phishing attacks are on the rise: Comcast Business customers had more than 2.6 billion suspected phishing attacks. More than 90% of the interactions Comcast Business blocked were designed to direct victims to phishing sites hosting malware.
- Bad actors are employing advanced lateral movement techniques to navigate networks: With more than 409 million events, remote services were the most exploited method for lateral movements in which bad actors gain access to networks and try to remain hidden.
- Attackers are increasingly using encrypted channels and proxies to hide their command and control (C&C) communications: There were more than 8 million Domain Name System (DNS) tunneling events. Transmission Control Protocol (TCP) was used in 104,000 events to provide reliable communication channels, often with encrypted payloads that further obscure malicious activities. There were almost 78 million events involving Windows Remote Management (WinRM).
- Distributed Denial of Service (DDoS) attacks and ransomware pose significant risks: Comcast Business says it identified and blocked more than 1 billion attempts to destroy data. There also were more than 126 million blocked instances of malware or botnets designed specifically for financial theft. There also were 103,000 DDoS attacks.
“Armed with a newfound arsenal of AI-based capabilities and a landscape littered with vulnerable systems, cybercriminals are having a moment,” said Comcast Chief Information Security and Product Privacy Officer Noopur Davis said.
“Our findings confirm that, despite these advancements, a multi-layered approach combining advanced protection, detection, managed services, and vigilant maintenance of security practices, can help enterprises protect their digital assets and enhance their resilience against sophisticated threats.”