# Palo Alto Networks Threat Intelligence Team Unit 42 Global Incident Response Report: Attacks Are 4x Faster

By [Sam Rubin](https://www.paloaltonetworks.com/blog/author/sam-rubin/?lang=zh-hant&ts=markdown "Posts by Sam Rubin"), Mar 04, 2026

***AI-accelerated attacks, identity compromise, and expanding software supply chain exposure are together shaping the 2026 cyber threat landscape.***

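Every year, thousands of organizations experience cyber incidents. An incident may begin with a SOC alert, a zero-day vulnerability, an extortion demand or widespread business disruption. When the phone rings, our global incident responders mobilize quickly to investigate, contain and eradicate the threat.

This year's [Unit 42® 2026 Global Incident Response Report](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report) analyzes more than 750 major cyber incidents across more than 50 countries and every major industry to uncover emerging patterns and lessons for defenders.

The data shows a clear shift in how attacks unfold. Threat actors are moving faster, increasingly exploiting identity and trusted connections, and extending attacks across multiple attack surfaces. The accelerating speed, scale and complexity of these intrusions mean the window between initial access and business impact is shrinking. Yet most intrusions still succeed because of preventable gaps in visibility and security controls.

**Key findings show attacks are faster, broader and harder to contain**

As adversaries adapt their attack strategies, the report highlights several defining trends shaping the 2026 threat landscape:

* AI is compressing attack timelines: In the fastest cases we investigated, attackers moved from initial access to data exfiltration in just 72 minutes, 4x faster than last year. We see AI being used for reconnaissance, phishing, scripting and operational execution, enabling fast, large-scale attacks that run like machines.
* Identity credentials are now the primary attack vector: Identity weaknesses played a material role in nearly 90% of our investigations. Typically, attackers are not breaking in; they are logging in with stolen credentials and tokens, then exploiting fragmented identity estates to escalate privileges and move laterally without triggering traditional defenses.
* Supply chain risk now causes operational disruption: In 23% of incidents, attackers exploited third-party SaaS applications. By abusing trusted integrations, vendor tools and application dependencies, they bypassed traditional perimeters and extended the impact beyond a single system.
* Attack complexity is increasing: We found that 87% of intrusions involved activity across multiple attack surfaces. Attacks rarely stay in one environment. Instead, we see coordinated activity across endpoints, networks, cloud, SaaS and identity, forcing defenders to monitor all of these at once.
* The browser is a primary battleground: Nearly 48% of incidents involved browser-based activity. This reflects how often modern attacks intersect with everyday workflows (such as email, web access and daily SaaS use), turning normal user behavior into an attack vector.
* Extortion is moving beyond encryption: Encryption-based extortion declined 15% from last year, as more attackers skip encryption and go straight to data theft and disruption. From the attacker's perspective, this is faster, quieter and creates immediate pressure, without the signals defenders once relied on to detect ransomware attacks.

**Attacks succeed because exposure still beats sophistication**

Despite the speed and automation we see, most of the incidents we responded to did not begin with anything fundamentally new. They began with gaps that show up again and again. In many cases, attackers relied not on sophisticated exploits but on overlooked exposure.

* Environmental complexity weakens defenses: Our investigations found that more than nine in ten security incidents stemmed from misconfigurations or gaps in security coverage. One major driver is tool sprawl. Many organizations run 50 or more security products, which makes it extremely difficult to deploy controls consistently or to understand clearly what their data is telling them.
* Visibility gaps delay detection: In many cases, the signals were there. When we looked back forensically, the evidence was in the logs. But during the attack, teams had to piece together data from multiple disconnected sources, which slowed detection and response in the most critical first minutes.
* Excessive trust amplifies impact: Once attackers gain a foothold, overly permissive access and unmanaged tokens often let them go further than expected. We repeatedly see identity trust relationships turn a single compromised account into broad lateral movement and privilege escalation.

Attackers keep evolving their tools and techniques, but in modern enterprise environments they still succeed so often because they exploit weaknesses created by architectural complexity, insufficient visibility and excessive internal trust.

**Recommendations for security leaders and defenders**

Across more than 750 frontline incident investigations, our conversations with chief information security officers (CISOs) and security teams have repeatedly pointed to three priorities.

* Reduce exposure: We see many attacks begin in places teams did not realize were exposed: third-party integrations, unmanaged SaaS connections or everyday browser activity. Reducing exposure means securing the entire application ecosystem and holding trusted connections to the same scrutiny as core infrastructure.
* Reduce the area of impact: Once an attacker gets in, whether the incident stays contained or escalates into a major operational disruption often comes down to identity management. Strengthening identity and access management (IAM) and removing unnecessary trust relationships effectively limits how far attackers can move laterally and reduces the damage they can cause.
* Increase response speed: The first minutes after an attacker gains initial access often determine whether an incident escalates into a data breach. Security teams need visibility across environments and real-time awareness, and should use AI to detect, identify and prioritize critical threats, so that the SOC can act at machine speed and contain threats before the attacker acts.

**Conclusion**
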
Every investigation tells a story. How the attackers got in. How fast they moved. What made the impact worse. Across hundreds of these cases, patterns emerge. Unit 42 handles these incidents on the front lines 24 hours a day, 7 days a week, and every year we distill what we have learned into practical guidance. The goal of this report is to turn that frontline experience into decisions that help you close the gaps attackers still rely on and stop incidents before they become breaches.

Stay informed. Read the [2026 Unit 42 Global Incident Response Report](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report) and download the executive resource kit.