Positive Technologies: Information leakage was one of the main challenges for organizations last year.
Last year 2023 was marked by an increase in the number of successful attacks on organizations around the world: Compared to 2022, their share increased by 18 percentage points.This was due to many factors, including the complex global geopolitical situation, the massive exploitation of zero-day vulnerabilities in popular software, as well as the complexity and sophistication of attacks.
According to a study by Positive Technologies, in 2023 there was a rapid increase in the number of hacktivist attacks motivated by political events. The attackers continued to implement unacceptable events, attacking critical infrastructure objects, disrupting the availability of mobile communications and banking services, and leading to the shutdown of organizations, including the bankruptcy of some of them.
The use of malware as an attack method increased by 5 percentage points compared to the previous year, reaching 23%. This is due to the trend of mass use of spyware in attacks on organizations.
Ransomware attacks have increased in all industries. The share of cryptographers was 57% of all malware used in successful attacks. Extortion in cyberspace has evolved from demanding ransom for decrypting data to encryption and blackmailing the publication of stolen information (double extortion).
One of the most notable trends of the year was attacks on secure data transmission systems. In addition, vulnerabilities discovered several years ago are still relevant.
The number of information leaks from organizations increased from 47% in 2022 to 56% in 2023, including due to increased attacks on secure data transmission systems.
The problem of data leaks has become one of the main threats for organizations in 2023, according to a study by Positive Technologies. Leaks occurred as a result of every second successful attack on organizations. Companies that store customers ' personal data, including major retailers, medical firms, and online bookstores, were particularly affected. Criminals extorted tens of millions of dollars from victims, threatening to make the stolen information public. Personal data was still a favorite target of attackers, and it was stolen in 45% of successful attacks. Hackers also stole trade secrets (19% of attacks), accounts (11%) and medical information (10%).
Social engineering remains one of the main methods of attacking organizations, used by attackers in almost half of successful attacks (45%) in 2023. At the same time, social engineering methods have evolved, becoming more complex, using neural networks.
Government agencies still lead the way in the number of incidents, accounting for 15% of all successful attacks on organizations in 2023. In the field of science and education, there was an increase in the number of incidents compared to 2022, which led to the movement of this industry from the fifth to the third place in the rating for the number of successful attacks (9%).
IT companies and industrial organizations also became more likely to be exposed to cyber attacks, accounting for 8% of all successful attacks, which is 2 percentage points higher than in 2022. Attackers targeted IT companies in order to gain access to their systems and conduct supply chain attacks on organizations that use the services and products of these vendors.
In conclusion, it is worth noting the experts ' forecasts for 2024. Due to the complex geopolitical situation in the world, the consequences of cyber attacks on state, industrial and transport organizations are expected to worsen. Attacks can lead to violations of critical government services, leaks of personal data or confidential information. At the same time, the number of incidents will continue to grow steadily.
Russian companies will face an increase in highly skilled targeted attacks. Since the start of the special military operation, enough time has passed to prepare hacker groups for attacks on the country's vital resources.
The number of ransomware attacks and new leaks of confidential data is expected to increase. Last year showed that attackers are transforming their approaches to such attacks and are often successful.
Attackers need fewer and fewer skills to carry out attacks due to the proliferation of "ransomware-as-a-service" and "phishing-as-a-service" - ready-made tools for ransomware and phishers-on the shadow market, which will lead to an increase in the number of attacks on organizations.
The trend of exploiting vulnerabilities, including zero-day ones, will continue, which can lead to data compromise, cryptographic attacks, and site defacing. Attackers will continue to exploit long-known vulnerabilities in unpatched products.
Social engineering methods will become more complex. The development of generative AI will allow scammers to create more convincing phishing emails.
Increasing the number of supply chain attacks. Last year was marked by a large number of vulnerabilities in various IT and information security solutions, which had an impact on the resistance to cyber attacks in various industries-from government organizations to the service sector. IT companies play an important role here. By implementing attacks on the supply chain, you can attack organizations that are their customers. This trend will continue in 2024.
Last year 2023 was marked by an increase in the number of successful attacks on organizations around the world: Compared to 2022, their share increased by 18 percentage points.This was due to many factors, including the complex global geopolitical situation, the massive exploitation of zero-day vulnerabilities in popular software, as well as the complexity and sophistication of attacks.
According to a study by Positive Technologies, in 2023 there was a rapid increase in the number of hacktivist attacks motivated by political events. The attackers continued to implement unacceptable events, attacking critical infrastructure objects, disrupting the availability of mobile communications and banking services, and leading to the shutdown of organizations, including the bankruptcy of some of them.
The use of malware as an attack method increased by 5 percentage points compared to the previous year, reaching 23%. This is due to the trend of mass use of spyware in attacks on organizations.
Ransomware attacks have increased in all industries. The share of cryptographers was 57% of all malware used in successful attacks. Extortion in cyberspace has evolved from demanding ransom for decrypting data to encryption and blackmailing the publication of stolen information (double extortion).
One of the most notable trends of the year was attacks on secure data transmission systems. In addition, vulnerabilities discovered several years ago are still relevant.
The number of information leaks from organizations increased from 47% in 2022 to 56% in 2023, including due to increased attacks on secure data transmission systems.
The problem of data leaks has become one of the main threats for organizations in 2023, according to a study by Positive Technologies. Leaks occurred as a result of every second successful attack on organizations. Companies that store customers ' personal data, including major retailers, medical firms, and online bookstores, were particularly affected. Criminals extorted tens of millions of dollars from victims, threatening to make the stolen information public. Personal data was still a favorite target of attackers, and it was stolen in 45% of successful attacks. Hackers also stole trade secrets (19% of attacks), accounts (11%) and medical information (10%).
Social engineering remains one of the main methods of attacking organizations, used by attackers in almost half of successful attacks (45%) in 2023. At the same time, social engineering methods have evolved, becoming more complex, using neural networks.
Government agencies still lead the way in the number of incidents, accounting for 15% of all successful attacks on organizations in 2023. In the field of science and education, there was an increase in the number of incidents compared to 2022, which led to the movement of this industry from the fifth to the third place in the rating for the number of successful attacks (9%).
IT companies and industrial organizations also became more likely to be exposed to cyber attacks, accounting for 8% of all successful attacks, which is 2 percentage points higher than in 2022. Attackers targeted IT companies in order to gain access to their systems and conduct supply chain attacks on organizations that use the services and products of these vendors.
In conclusion, it is worth noting the experts ' forecasts for 2024. Due to the complex geopolitical situation in the world, the consequences of cyber attacks on state, industrial and transport organizations are expected to worsen. Attacks can lead to violations of critical government services, leaks of personal data or confidential information. At the same time, the number of incidents will continue to grow steadily.
Russian companies will face an increase in highly skilled targeted attacks. Since the start of the special military operation, enough time has passed to prepare hacker groups for attacks on the country's vital resources.
The number of ransomware attacks and new leaks of confidential data is expected to increase. Last year showed that attackers are transforming their approaches to such attacks and are often successful.
Attackers need fewer and fewer skills to carry out attacks due to the proliferation of "ransomware-as-a-service" and "phishing-as-a-service" - ready-made tools for ransomware and phishers-on the shadow market, which will lead to an increase in the number of attacks on organizations.
The trend of exploiting vulnerabilities, including zero-day ones, will continue, which can lead to data compromise, cryptographic attacks, and site defacing. Attackers will continue to exploit long-known vulnerabilities in unpatched products.
Social engineering methods will become more complex. The development of generative AI will allow scammers to create more convincing phishing emails.
Increasing the number of supply chain attacks. Last year was marked by a large number of vulnerabilities in various IT and information security solutions, which had an impact on the resistance to cyber attacks in various industries-from government organizations to the service sector. IT companies play an important role here. By implementing attacks on the supply chain, you can attack organizations that are their customers. This trend will continue in 2024.
