Cybercrime in 2023 burrowed to new depths, costing companies millions more than in 2022. Known threats increased, and new, more sophisticated blended attacks surfaced. Remote working conditions contributed, at least in part, to the evolution of cyberattacks throughout the year. Companies swiftly adopted new technologies, choosing to skip rigorous vetting processes. Employees used a mix of personal and company-owned devices from their home networks, significantly increasing the number of devices connecting to internal company resources.
Poor work-from-home security practices were a contributing factor, but weren’t solely responsible for opening doors for cybercriminals. Understaffed IT security teams tackled serious software vulnerabilities to defend against a growing list of increasingly sophisticated threats. Some of the evolved cybersecurity threats in recent years include:
Apache Log4j Flaw
Threat actors actively targeted the Log4j flaw, which was present across personal and commercial devices and systems. Widespread use of the Apache Log4j logging utility meant hundreds of millions of devices were at risk of complete system takeover until an urgent security patch could be applied.
Brute Force Attack on Remote Desktop
A ransomware group launched a brute-force attack against Microsoft Windows Remote Desktop Protocol (RDP) credentials to gain access to victim networks and deploy Ranzy Locker ransomware. Known Microsoft Exchange Server vulnerabilities were targeted with phishing campaigns in some cases. The end result was the same: Criminals found and copied files containing personal and financial information before encrypting them.
In an attempt to compel more victims to pay ransom, the RagnarLocker ransomware gang employed a new tactic. The group announced it would publish victims’ stolen data immediately if law enforcement was involved or if victims had received professional help to mitigate the situation. This criminal network is notorious for using reconnaissance to find highly valued files and storage devices inside victim networks before manually deploying ransomware to encrypt or delete the data.
What the Future Holds
Cyberattacks will continue to cause destruction, disruption, and financial damage. Organizations of all sizes were ensnared by sophisticated cyberattacks in 2023, and the trend will continue. Attacks will include familiar tactics alongside new blended methods for maximum damage and financial gain.
Phishing will continue as a primary attack vector across industries, with tactics adapted to avoid detection and thus reach more victims. A new attack method now uses malicious QR codes to evade security tools.
Supply chain attacks two ways
Software supply chain attacks, similar to the SolarWinds attack of 2020, are expected to increase. Threat actors target trusted systems to access source code and distribute malware.
Linux and macOS in the crosshairs
Linux-based malware is on the rise, and Linux remains a popular target for ransomware, trojans, rootkits, and crypto miners. Malware authors are also reaching more machines by porting Windows malware to run on Linux systems.
Protecting your data from compromise requires a proactive approach to mitigate the effects of an attack on your systems and potentially save your business from ruin. Data backup is good, but modern cyberattacks target backups by either encrypting or deleting the data. A reliable data backup and recovery plan will ensure backups are stored in a separate location away from the rest of the network.