Page 71 - Cyber Defense eMagazine October 2023
P. 71
Unlike the cybercriminal gangs of years past, who relied on reputation and branding, today’s attackers
are largely operating in secret, in part due to recent advances by law enforcement. By pivoting to lower-
cost, less risky attack methods, such as cryptojacking, these attackers hope to reduce their risk of
discovery while maximizing profit.
The current cyber threat outlook reveals an increasingly diversified landscape amid shifting threat actor
strategies, requiring companies of all sizes to bolster their defenses. Threat actors are increasingly
moving away from traditional ransomware attacks in favor of stealthier malicious activities.
Case in point, overall intrusion attempts are up by 21%, encrypted threats jumped 22%, IoT malware
rose by 37%, and we saw a record 399% surge in cryptojacking volume.
This year also firmly reinforced the need for cybersecurity in every industry as threat actors targeted
everything from education to finance. While organizations face an increasing number of real-world
obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting
attack strategies at an alarming rate.
These criminals are now embracing slower and more clandestine approaches to financially motivated
cyberattacks. Hence, it is critical for organizations to better understand the attackers' tactics, techniques,
and procedures, and commit to threat-informed cybersecurity strategies to defend and recover
successfully from business-disrupting events.
In addition to cyberattacks becoming more sophisticated and covert, threat actors are showing clear
preferences for certain techniques, with notable shifts toward potentially soft targets like schools and
hospitals.
Prominent ransomware attacks of recent—140.1 million thus far in 2023—have impacted enterprises,
governments, airlines, hospitals, hotels and even individuals, causing widespread system downtime,
economic loss, and reputational damage. While March saw lower-than-expected ransomware, it also
turned out to be an inflection point as ransomware rose in April, more than doubled in May, and jumped
again in June, suggesting a solid rebound in ransomware as we continue moving through 2023. Further,
a number of these enterprises saw a huge growth in cryptojacking attacks, including education (+320X),
government (+89X) and healthcare (+69X).
Moreover, cybercriminals are using increasingly advanced tools and tactics to exploit and extort victims,
with state-sponsored activity growing as a concern. While ransomware continues to be a threat, we can
expect more state-sponsored activity targeting a broader set of victims, including small and medium
businesses (SMBs) who may mistakenly believe that they will fly under the radar of sophisticated
attackers.
What then can companies and enterprises do to combat these ever-evolving cybersecurity threats?
Staying up to date on cyber intelligence remains the best defense as it provides a deeper understanding
of the current threat landscape and helps to break down why cyberattacks continue to be successful, as
well as the drivers and trends behind them.
Cyber Defense eMagazine – October 2023 Edition 71
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.