Innostage research: Hackers choose certain days to announce attacks in Russia

The company explained what cyber threats Russian companies faced in 2023.

Innostage presented the results of a study of the cyber threats that Russian companies faced in 2023. Experts presented analytics on DDoS attacks, personal data leaks across Russia, and an analysis of Russian companies using open-source cyber intelligence (OSINT) tools.

According to the results, hackers still focus on medium and small businesses: 43% of leaks in 2023 occurred at medium-sized companies, 38% at small businesses and 19% at large corporations.

There was also a 50% increase in cyber attacks on Russian software developers and their partners. Attacks on large and well-protected companies through software supply chains and the services of contractors have become a particularly popular trend.

Telegram was and remains the key platform for publishing fragments of stolen data and reports on incidents carried out, and it was the main means of communication for hackers in 2023.

In order to attract attention and gain more publicity, hacktivists have started posting data leaks in open sources before public holidays and important state dates. The hacks and attacks themselves were carried out one to two weeks before the official announcement of the cyber attack.

In 2023, the number of publications of complete arrays of stolen data decreased. Instead, hackers upload information in chunks to make it difficult to assess the damage and the number of compromised resources.

Innostage analyzed more than 2,000 incidents and classified them into several types. 45% of incidents were related to the leakage of confidential data that was later discovered on public forums and repositories. In 2% of cases, experts found company data on the "deep Internet" (DeepWeb), which can only be accessed using specialized programs that ensure user anonymity and traffic encryption.

27% of the incidents were related to phishing domains that mimicked the domains of the attacked companies. Another 24% were not confirmed incidents but suspected ones, related to vulnerabilities and errors on the external network perimeter. In addition to administrative errors, these included cases of malicious activity and compromise of services that could have been used by the customer. Other types of incidents included the publication of information about trending threats and zero-days, defacement (replacing site pages), and disclosure of infrastructure data.

The study revealed that 4.1 thousand domains and 23.8 thousand unique IP addresses in Russia were subjected to single or serial DDoS attacks. 45 million unique email addresses were found in data leaks, and the number of data leaks increased by 14% in 2023.