Brother
Professional
- Messages
- 2,590
- Reaction score
- 533
- Points
- 113
Experts warn of an increase in the number of sophisticated cyber attacks in 2024.
At the final press conference, Positive Technologies experts presented a detailed analysis of the cybersecurity situation in 2023 and gave a forecast for 2024.
According to the company's statistics, 73% of all cyber attacks in Russia in the first 9 months were targeted. This is 5 percentage points more than in the same period in 2022 (68%). 58% of successful attacks resulted in the theft of confidential data. In another 41% of cases, the main activity of the attacked organizations was disrupted. The main type of data stolen from organizations in the three quarters of 2023 was personal data (43%), but for individuals they became only the second (27%), giving way to credentials (38%). In general, the statistics are as follows: personal data (43%), credentials (16%), trade secrets (13%).
In the first 9 months, the number of attacks on web resources increased by 44% compared to the same period in 2022. Telecom suffered the biggest blow: the number of incidents increased by 1.8 times. In addition, the share of incidents increased in the financial and transport sectors, in the field of science and education, as well as in the media. Vulnerabilities in web applications accounted for 35%. Transport companies were victims of DDoS attacks (51%), which led to a large percentage of incidents that resulted in disruption of their main activities (73%). The most resonant case is a large-scale DDoS attack on Russian Railways, which resulted in the company's official website and mobile application not functioning for several hours.
In the context of a tense geopolitical situation, the threat of attacks from hacktivists has increased. Their favorite methods of attack are massive DDoS attacks and site defacing.
Spyware has become one of the main trends of 2023. Its use as an attack method increased from 18% in 2022 to 27% in the first three quarters of 2023. The share of spyware among all malware used in attacks on Russian organizations was 45%, while cryptographers were used only in 27% of cases, which differs from the figures worldwide. Experts explain such a significant gap by increasing the level of protection in Russian companies and increasing geopolitical tensions, in particular, attempts by US intelligence agencies to attack Russian Apple devices.
As noted in the company, in 2023 there was an evolution of cyber extortion. If earlier attackers demanded a ransom for decrypting data, now they are increasingly resorting to encryption and blackmail with threats to publish stolen information, the so-called "double extortion". This is due to the increased level of protection in companies and the advent of decryption tools, which makes cryptographic attacks less effective. As a result, attackers prefer to immediately use the stolen data to put pressure on the victim.
Another significant trend in 2023 was attacks on secure data transmission systems and other IT solutions. In the third quarter, new vulnerabilities were discovered in information transfer solutions such as South River Technologies Titan MFT and Titan SFTP. Thanks to the coordinated disclosure of the detected shortcomings, active exploitation of vulnerabilities was avoided.
This year was also characterized by the evolution of social engineering methods, in which attackers used neural networks and artificial intelligence. The scammers goal was to increase credibility and circumvent automatic speech recognition systems. To do this, they used modular tools for creating phishing sites and correspondence, as well as multi-stage attacks in which the criminal goal was achieved in several steps using various methods of deception. In addition, AI helped attackers maintain the illusion of a meaningful dialogue with the victim, generate convincing phishing emails, and create deepfakes — fake videos or audio using facial or voice replacement technology.
The use of AI has become popular not only for making social engineering techniques more complex, but also for phishing. In the first quarter of 2023 , a new phishing campaign was identified that uses a copy of the ChatGPT platform to deceive investors.
Deepfakes in 2023 increasingly became a propaganda tool against the backdrop of a complex geopolitical situation. The growing use of deepfakes has raised concerns about the need for stronger legal frameworks to address issues such as privacy, data protection, and cybercrime.
For 2024, Positive Technologies analysts predict a further increase in the popularity of double extortion tactics, when attackers demand ransom from both the compromised company and its customers, threatening to publish stolen personal data.
At the final press conference, Positive Technologies experts presented a detailed analysis of the cybersecurity situation in 2023 and gave a forecast for 2024.
According to the company's statistics, 73% of all cyber attacks in Russia in the first 9 months were targeted. This is 5 percentage points more than in the same period in 2022 (68%). 58% of successful attacks resulted in the theft of confidential data. In another 41% of cases, the main activity of the attacked organizations was disrupted. The main type of data stolen from organizations in the three quarters of 2023 was personal data (43%), but for individuals they became only the second (27%), giving way to credentials (38%). In general, the statistics are as follows: personal data (43%), credentials (16%), trade secrets (13%).
In the first 9 months, the number of attacks on web resources increased by 44% compared to the same period in 2022. Telecom suffered the biggest blow: the number of incidents increased by 1.8 times. In addition, the share of incidents increased in the financial and transport sectors, in the field of science and education, as well as in the media. Vulnerabilities in web applications accounted for 35%. Transport companies were victims of DDoS attacks (51%), which led to a large percentage of incidents that resulted in disruption of their main activities (73%). The most resonant case is a large-scale DDoS attack on Russian Railways, which resulted in the company's official website and mobile application not functioning for several hours.
In the context of a tense geopolitical situation, the threat of attacks from hacktivists has increased. Their favorite methods of attack are massive DDoS attacks and site defacing.
Spyware has become one of the main trends of 2023. Its use as an attack method increased from 18% in 2022 to 27% in the first three quarters of 2023. The share of spyware among all malware used in attacks on Russian organizations was 45%, while cryptographers were used only in 27% of cases, which differs from the figures worldwide. Experts explain such a significant gap by increasing the level of protection in Russian companies and increasing geopolitical tensions, in particular, attempts by US intelligence agencies to attack Russian Apple devices.
As noted in the company, in 2023 there was an evolution of cyber extortion. If earlier attackers demanded a ransom for decrypting data, now they are increasingly resorting to encryption and blackmail with threats to publish stolen information, the so-called "double extortion". This is due to the increased level of protection in companies and the advent of decryption tools, which makes cryptographic attacks less effective. As a result, attackers prefer to immediately use the stolen data to put pressure on the victim.
Another significant trend in 2023 was attacks on secure data transmission systems and other IT solutions. In the third quarter, new vulnerabilities were discovered in information transfer solutions such as South River Technologies Titan MFT and Titan SFTP. Thanks to the coordinated disclosure of the detected shortcomings, active exploitation of vulnerabilities was avoided.
This year was also characterized by the evolution of social engineering methods, in which attackers used neural networks and artificial intelligence. The scammers goal was to increase credibility and circumvent automatic speech recognition systems. To do this, they used modular tools for creating phishing sites and correspondence, as well as multi-stage attacks in which the criminal goal was achieved in several steps using various methods of deception. In addition, AI helped attackers maintain the illusion of a meaningful dialogue with the victim, generate convincing phishing emails, and create deepfakes — fake videos or audio using facial or voice replacement technology.
The use of AI has become popular not only for making social engineering techniques more complex, but also for phishing. In the first quarter of 2023 , a new phishing campaign was identified that uses a copy of the ChatGPT platform to deceive investors.
Deepfakes in 2023 increasingly became a propaganda tool against the backdrop of a complex geopolitical situation. The growing use of deepfakes has raised concerns about the need for stronger legal frameworks to address issues such as privacy, data protection, and cybercrime.
For 2024, Positive Technologies analysts predict a further increase in the popularity of double extortion tactics, when attackers demand ransom from both the compromised company and its customers, threatening to publish stolen personal data.
