Key points:
- SecureClaw Cyber Threat Advisory has analyzed cyber attacks that occurred in 2023 to identify trends and gaps in security.
- Various industries, including automobiles, manufacturing, software providers, energy, healthcare, and government, were targeted by cyber criminals in 2023.
According to a recent analysis by SecureClaw Cyber Threat Advisory, cybersecurity strategies can be improved by examining the cyber attack statistics from 2023. The analysis reviewed over 4,500 cyber articles from various sources and nations to identify the latest trends and gaps in security. The findings revealed that cyber criminals targeted a range of industries throughout 2023, including automobiles, manufacturing, software providers, energy, telecom, healthcare, and government. Specific targets included database systems, IT infrastructures, software systems, operational technology, websites, servers, emails, and mobile apps.
The analysis also highlighted various cyber attack techniques that were used in 2023. These included ransomware, malware, phishing, DDoS attacks, unauthorized access, backdoors, integrity hacks, credential theft, spyware, SQL injection, insiders, and Trojan horses. The purpose of these attacks ranged from damaging reputations and disrupting business activities to extortion and unauthorized access to data. Some attacks were also suspected to be state-sponsored, particularly in regions experiencing conflicts or wars.
SecureClaw also reported on specific cyber attack incidents that occurred in 2023. For example, ransomware attacks affected large enterprises such as Volvo Car, Ferrari, Tesla, Japanese pharma giant Eisai Group, and Spanish bank Globalcaja. Various ransomware gangs, including PlayCrypt, Clop, Vice Society, Black Basta, LockBit, BlackCat/ALPHV, Snatch, Rorschach, and Rhysida, were responsible for these attacks. Additionally, several malware types, such as Frebniis Malware, SwiftSlicer Widget, Emotet, Invicta Malware, Fluhorse Malware, and Letscall Malware, were prevalent during this period.
Based on these findings, SecureClaw outlined several recommendations for improving cybersecurity and enhancing business resilience. These included adopting cybersecurity best practices, providing cybersecurity awareness training for employees, maintaining secure and encrypted backups of important data, monitoring third-party users and external applications, regularly monitoring network logs and business transaction notifications, conducting regular security audits, tracking incidents until they are fully resolved, and developing a business continuity plan for unforeseen circumstances.