Organizations need to brace themselves for a storm of cyber threats this year, according to a poll conducted by cybersecurity firm, DarkInvader. The poll found that almost half of C-suite executives and other senior figures surveyed expect the number and size of cyber events aimed at their organization’s accounting and financial data to increase in 2023. Despite this, only 20.3% work with their cybersecurity peers closely and consistently.
With organizations becoming increasingly reliant on digital technologies and the rise of hybrid working, cybercriminals are finding new ways to exploit vulnerabilities and gain access to sensitive information. The first few months of 2023 were eventful, with several cyber threats hitting the headlines.
One such incident involved Royal Mail, which was targeted by Russian-linked ransomware operator Lockbit-3. The criminals published their attack and an ‘absurd’ ransom demand on their dark web blog, along with subsequent chat logs with Royal Mail. Despite demanding $80 million, they soon discovered they had mistakenly targeted a subsidiary rather than the parent company.
In another incident, The Guardian newspaper experienced a ransomware attack through email phishing, which resulted in part of its network being affected and employees being instructed to work remotely.
A data breach at groundbreaking AI pioneer, ChatGPT, revealed a bug in an open-source library, which inadvertently allowed users to view another user’s personal information. Fortunately, the bug was addressed promptly, and full credit card numbers were not exposed.
In addition, attendees at the Eurovision contest in Liverpool were warned of evidence of phishing emails being sent to some accommodation partners as scammers took advantage of the event.
A new Darkweb marketplace called ‘STYX’ has emerged, dealing in illegal services, stolen data, money laundering, and hacking tutorials that rely on cryptocurrency payments to maintain anonymity.
The activities of Chinese espionage threat actor known as UNC3886 were exposed by Mandiant in a detailed report. The actor targets firewalls, IoT devices, hypervisors, and VPN technologies, exploiting zero-day vulnerabilities and deploying custom malware to gain persistence and infiltrate the target environment.
To address these concerns, the UK government has urged businesses to enhance their supply chain security and released new guidance to assist businesses in understanding and managing information obtained from suppliers. Meanwhile, the Cyber Security and Infrastructure Agency (CISA) has introduced Decider, a free tool to facilitate the mapping of threat actor behavior to the MITRE ATT&CK framework.
To combat the wave of oncoming cyber threats, organizations need to implement comprehensive protective measures, including deploying robust firewalls and updating anti-malware solutions, regularly updating software, restricting access to sensitive data, educating employees on identifying and reporting suspicious emails, and establishing an incident response plan to back up critical data, establish communication protocols with stakeholders, and collaborate with authorities for investigations. By doing so, businesses can proactively mitigate the risk of cyber attacks in 2023 and beyond.