Every third successful attack on companies involves exploiting vulnerabilities.
Positive Technologies analyzed modern cyber threats for the fourth quarter of 2023. The results showed that in three out of four successful attacks on organizations during this period, attackers used malware, and in every third they exploited vulnerabilities. The company also notes that half of all successful attacks in the last quarter of the year resulted in a leak of confidential information, in the total volume of which the share of bank card data increased.
According to the report, in the last quarter of 2023, there were 19% more incidents than in the same period of the previous year, while 78% of all successful attacks were targeted. In addition to sensitive leaks, the main consequences of successful attacks were disruption of core business (33%) for organizations and direct financial losses (30%) for individuals.
The analysis showed that in the fourth quarter of 2023, the percentage of successful malware attacks on organizations increased from 45% to 73% compared to the previous quarter. The most common types of malicious software are still cryptographers, spyware, and remote management tools. There was also a 5 percentage point increase in the number of attacks using spyware compared to the previous quarter, which highlights the trend of their spread throughout 2023.
Approximately 31% of all successful attacks are related to exploiting vulnerabilities, among which the critical vulnerability CVE-2023-20198 in the Cisco IOS XE operating system with the maximum risk assessment, which led to hacking of tens of thousands of devices, stands out. Also noted is the exploitation of vulnerability CVE-2023-4966 in Citrix's NetScaler ADC and Gateway products, which affected large organizations such as Boeing and ICBC .
In the last three months of the year, there was an increase in attacks on water supply systems. Hacktivists from the Cyber Av3ngers group showed particular interest in industrial control systems from the Israeli manufacturer Unitronics, having managed to hack and stop a number of water treatment systems in Israel and seize control of a pumping station in Pennsylvania. A similar attack in Ireland caused the water supply to be cut off in 180 homes. The ransomware also targeted the water supply, as exemplified by the attack on the North Texas water utility by the Daixin Team.
In the fourth quarter, the share of stolen payment card data in the total amount of stolen information increased: from 3% to 5% in attacks on organizations and from 13% to 16% in attacks on individuals. This is attributed to the use of JavaScript sniffers, malicious scripts that collect payment card data from Internet sites.
Yana Avezova, senior analyst at Positive Technologies, comments on the growing number of attacks related to the theft of payment card data as a natural phenomenon before the holidays. She notes that the success of such attacks is often due to the use of outdated software and recommends making purchases in reliable online stores, using payment services without entering card details, and getting a separate card for online payments.
To prevent cyber attacks, site administrators are advised to regularly check the security of their resources, update CMS and plugins, use strong passwords and multi-factor authentication. Organizations are encouraged to carefully select software vendors, develop vulnerability management processes, and participate in vulnerability detection programs. We suggest using firewalls to protect the perimeter, and sandboxes and security monitoring systems to detect malware.
Positive Technologies analyzed modern cyber threats for the fourth quarter of 2023. The results showed that in three out of four successful attacks on organizations during this period, attackers used malware, and in every third they exploited vulnerabilities. The company also notes that half of all successful attacks in the last quarter of the year resulted in a leak of confidential information, in the total volume of which the share of bank card data increased.
According to the report, in the last quarter of 2023, there were 19% more incidents than in the same period of the previous year, while 78% of all successful attacks were targeted. In addition to sensitive leaks, the main consequences of successful attacks were disruption of core business (33%) for organizations and direct financial losses (30%) for individuals.
The analysis showed that in the fourth quarter of 2023, the percentage of successful malware attacks on organizations increased from 45% to 73% compared to the previous quarter. The most common types of malicious software are still cryptographers, spyware, and remote management tools. There was also a 5 percentage point increase in the number of attacks using spyware compared to the previous quarter, which highlights the trend of their spread throughout 2023.
Approximately 31% of all successful attacks are related to exploiting vulnerabilities, among which the critical vulnerability CVE-2023-20198 in the Cisco IOS XE operating system with the maximum risk assessment, which led to hacking of tens of thousands of devices, stands out. Also noted is the exploitation of vulnerability CVE-2023-4966 in Citrix's NetScaler ADC and Gateway products, which affected large organizations such as Boeing and ICBC .
In the last three months of the year, there was an increase in attacks on water supply systems. Hacktivists from the Cyber Av3ngers group showed particular interest in industrial control systems from the Israeli manufacturer Unitronics, having managed to hack and stop a number of water treatment systems in Israel and seize control of a pumping station in Pennsylvania. A similar attack in Ireland caused the water supply to be cut off in 180 homes. The ransomware also targeted the water supply, as exemplified by the attack on the North Texas water utility by the Daixin Team.
In the fourth quarter, the share of stolen payment card data in the total amount of stolen information increased: from 3% to 5% in attacks on organizations and from 13% to 16% in attacks on individuals. This is attributed to the use of JavaScript sniffers, malicious scripts that collect payment card data from Internet sites.
Yana Avezova, senior analyst at Positive Technologies, comments on the growing number of attacks related to the theft of payment card data as a natural phenomenon before the holidays. She notes that the success of such attacks is often due to the use of outdated software and recommends making purchases in reliable online stores, using payment services without entering card details, and getting a separate card for online payments.
To prevent cyber attacks, site administrators are advised to regularly check the security of their resources, update CMS and plugins, use strong passwords and multi-factor authentication. Organizations are encouraged to carefully select software vendors, develop vulnerability management processes, and participate in vulnerability detection programs. We suggest using firewalls to protect the perimeter, and sandboxes and security monitoring systems to detect malware.
