Top Threats
- Ransomware: Ransomware continues to be a significant threat, with a notable increase in attacks in 2023.
- Business Email Attacks: Business email compromise (BEC) attacks lead this list, as these scams can have attractive payouts. BEC-related losses totaled nearly $2.4 billion in 2021 [1].
- Zero-day Exploits: There were a significant number of disclosures of zero-day vulnerabilities in 2023.
- Social Engineering: Investigators report they’re seeing more ingenuity in cybercrime, especially for lower-level scams.
- Supply Chain Targeting: Third-party incidents continue to be a major concern.
Major Trends
- Geopolitical Factors: The Russia-Ukraine war and rising poverty and food insecurity around the world are major contributors to the uptick in cyberattacks.
- Increased Creativity in Scams: As old tricks stop working, perpetrators are being forced to innovate.
- Exploitation of Remote Services: Exploitation of remote services, exploitation of public-facing applications, and exploitation for privilege escalation are the top three MITRE ATT&CK tactics [2].
Please note that this is a general overview and the details of each threat may vary. Read our ezines and always stay up to date with the latest cybersecurity news and advisories to protect your systems effectively. Remember, cybersecurity is a shared responsibility and we all have a role to play in keeping our cyberspace safe.
References
[1] John Wilson, «Cybersecurity Threats In 2023: An Expert’s Top 5 Predictions», Forbes, 2022. [Online]. Available https://www.forbes.com/advisor/personal-finance/cybersecurity-threats-for-2023/ [Accessed on: 01 feb 2024].
[2] «MITRE ATT&CK», MITRE ATT&CK, 2024. [Online]. Available: https://attack.mitre.org/ [Accessed on: 01 feb 2024].