The first half of 2024 was arguably the most dynamic and successful in Black Cell’s 14-year history. We achieved record revenues, with our exports skyrocketing in alignment with our international expansion strategy. Simultaneously, we actively participated in numerous conferences, cyber ranges, and expos across Europe and the Middle East. Join us as we provide a sneak peek into Black Cell’s H1 2024 results! 

Financial Highlights

Starting with the financials, Black Cell’s Hungarian sales during the first half of 2024 totaled 666 million HUF, compared to 661 million in the same period of 2023, reflecting a modest 0.7% year-over-year (YoY) growth. Meanwhile, our intra-EU exports reached 96 million HUF, a significant 277% YoY increase from the 34 million HUF achieved in the first half of the previous year. Our extra-EU exports also saw impressive growth, amounting to 76 million HUF, a 274% YoY increase from 23 million HUF in H1 2023. Overall, our net revenue for the first half of the year reached 839 million HUF, marking a 15% YoY increase. Thanks to our successful transition from value-added reselling to a more services-based income mix, Black Cell’s net income soared to 84 million HUF, a staggering 530% YoY increase. This financial progress underscores our commitment to prudent operations. Additionally, in H1 2024, we welcomed several new colleagues, bringing our total number of employees to 36. 

Notable Events and Figures

We kicked off the year with the Master Planning Conference of NATO’s largest interoperability exercise, CWIX, held in Denmark. To enhance efficiency, we introduced a more advanced project and time tracking system, enabling us to better monitor and report on our teams’ productivity. Black Cell was also honoured to participate in a Japanese technology expo organized by the Ministry of Foreign Affairs. Our UAE entity, Black Cell FZCO, was present at GISEC Global in Dubai, the largest cybersecurity event in the Middle East and Africa. Additionally, our Fusion Center took part in an OT cybersecurity range in Essen, Germany, organized by one of our SOC customers. 

In June, we reached a significant milestone when Black Cell was awarded the largest contract in our history: a three-year agreement with an international integrated aluminium producer. This contract involves providing professional services across various workstreams, including log management, controls assurance, third-party risk management, and more.

During the first half of 2024, Black Cell’s Fusion Center: 

• Processed and triaged over 43,000 security alerts, ensuring timely identification and response to potential threats. 

• Escalated and thoroughly investigated more than 1,600 true positive incidents in close collaboration with our clients, ensuring comprehensive analysis and resolution. 

• Successfully thwarted over 80 mass phishing campaigns, including 6 critical incidents that impacted over two-thirds of the client organization, thereby protecting multiple potential victims from becoming compromised. 

• Identified and neutralized over 5 APT campaigns before critical systems could be accessed, underscoring our capacity to counter highly skilled adversaries. 

• Implemented bespoke SOAR automations, resulting in over 5,500 alerts with significantly improved response times, enhancing our overall incident management efficiency.

Additionally, our Fusion Center recognized the following top 5 MITRE ATT&CK techniques prevalent in cyber-attacks during the first half of this year: 

• T1598 – Phishing for Information: We’ve observed a notable surge in the volume of phishing attacks, with adversaries leveraging increasingly advanced obfuscation techniques to bypass security controls. 

• T1078 – Valid Accounts: Stemming from third-party data breaches and credential-stealing malware on personal devices, we observed a decrease in actual account compromises but an uptick in credential stuffing attempts using both current and outdated leaked credentials. 

• T1595 – Active Scanning: An increase in generic, non-targeted vulnerability scans conducted by bots and botnets was observed, along with routine unwanted port scanning activities. 

• T1528 – Steal Application Access Token: As multi-factor authentication becomes more prevalent, the social engineering attacks we have observed are increasingly shifting towards capturing authentication tokens, such as session tokens or Kerberos tickets. 

• T1199 – Trusted Relationship: There has been a measurable rise in incidents where attackers exploit the weaker security measures of vendors, thereby breaching the customers secure environments through compromised trusted relationships. 

The Offensive Security team’s phishing simulation service has significantly helped many clients improve their information security awareness. By replicating real-world attacks and offering specialized awareness training, we’ve seen remarkable results. In the first round of phishing attack simulations this year, the success rate was as high as 74% among new clients. However, after implementing our reworked and more customized training material, this rate dropped to below 25% in subsequent campaigns. Alongside the Black Cell Academy platform—specifically designed for customers under the NIS2 directive—our clients can further strengthen their “weakest link” against social engineering attacks. 

Our Weekly Vulnerability Report service has also been instrumental in enhancing our clients’ remediation resource planning. By providing remediation priority suggestions based on vulnerabilities with CVE IDs, EPSS scoring, and manual system and network proofing, our clients can focus on mitigating real and validated threats. As a result, they have saved and reallocated thousands of remediation work hours, with more savings expected in the future. 

As summer ends and we move further into the second half of 2024, the excitement continues. We are preparing to move into our new headquarters at BEM Center and release Black Cell Academy, a role-based cybersecurity awareness SaaS platform. Additionally, we are guiding our customers towards comprehensive resilience as the NIS2 October 18 deadline approaches. 

 We are deeply grateful for the trust our clients place in us and for the dedication of our team. As we prepare for the challenges and opportunities that lie ahead, we do so with confidence, knowing that together we can achieve even greater cyber resilience. Here’s to an even better rest of 2024! 

Black Cell Management