Cyberattacks are big news. Reports of attacks at large, well-known companies or local government offices make headlines on a seemingly constant basis. For those following cybersecurity a bit more closely, the view isn’t too different, with cybersecurity news outlets’ coverage of top breaches dominated by household names like Mailchimp, MGM, Activision and 23andMe.
Based on what gets reported, it wouldn’t be unreasonable to assume that cybercrime is a far bigger problem for Wall Street than for Main Street. Unfortunately, nothing could be further from the truth. In a 2023 blog, CISA reported that small businesses are three times more likely to be targeted by threat actors than larger organizations. And these SMB attacks represent billions of dollars in losses each year. That’s a key reason why SonicWall is so committed to researching and publishing the latest threat intelligence. With SMBs making up 80% of our end users, our data presents a view of the threat landscape unlike what you’ll find anywhere else — one centered less around large multinational conglomerates, and more on businesses just like yours.
2023’s Top Trends
Perhaps the biggest trend we observed in the 2023 landscape was acceleration. SonicWall Capture Labs threat researchers noted increased attack volumes nearly across the board. Malware jumped 11% year-over-year, with encrypted threats up 117% and cryptojacking up 659%. This trend bore out on a regional basis as well, with attack volume increases outpacing decreases nearly 3 to 1.
Rather than the relentless push and pull of outside forces we’ve seen at work over the past several years, we saw threat actors in 2023 sticking with tried-and-true methods. While one would expect increasing malware attack volumes and persistently high phishing levels to be accompanied by high rates of new malware, we found the opposite to be true: Never-before-seen malware detections actually fell 38% year over year.
But this doesn’t mean threat actors weren’t refining their craft. SonicWall researchers observed the emergence of Microsoft OneNote files as an initial threat vector, as well as massive campaigns targeting vulnerabilities in WinRAR and MOVEit.
Our data continued to reflect vulnerabilities as the most common ransomware vector — and this will likely remain the case as the number of vulnerabilities continues to climb. A record 28,834 CVEs were published in 2023, a 15% increase over 2022’s numbers. In December, SonicWall’s threat researchers discovered and responsibly disclosed CVE-2023-51467, a vulnerability affecting Apache OFBiz. Large numbers of exploitation attempts have since been observed.
Other campaigns displayed a similar level of innovation. Novel phishing campaigns driving targets to highly convincing Microsoft Outlook and American Express login pages were observed, along with phishing campaigns utilizing QR codes to bypass file scanning technology. Cybercriminals took advantage of inflation and uncertain economic conditions to launch fraudulent loan apps packed with spyware functionalities and credential-theft capabilities. And Google scripts embedded in PDFs were weaponized to commit cryptocurrency theft, demonstrating the need for heightened vigilance even in seemingly trusted environments.