An 8% Spike In Cyber Attacks

Uploaded on 2023-09-09 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The research unit of leading provider of cyber security solutions globally, Check Point has released its 2023 Mid-Year Security Report.

The report uncovers a worrisome 8% surge in global weekly cyberattacks in the second quarter, the most significant increase in two years, highlighting how attackers have cunningly combined next generation AI technologies with long-established tools like USB devices to conduct disruptive cyber attacks.

The report also illuminates how ransomware attacks have escalated in the first half of the year with new ransomware groups coming onto the scene. From the attack on the Univerity of Manchester to the rise of new group Anonymous Sudan targeting western organisations, the 2023 Mid-Year Report uncovers the trends and behaviours that have defined the year so far.

Key insights from the 2023 Mid-Year Security Report include:

  • Ransomware groups have stepped up their game, exploiting vulnerabilities in commonly used corporate software and shifting their approach from data encryption to data theft.
  • USB Devices have resurfaced as significant threats, with both state-affiliated groups and cybercriminals deploying USB drives as vectors for infecting organisations globally.
  • Hacktivism has seen a rise, with politically motivated groups launching attacks on selected targets.
  • Artificial Intelligence misuse has amplified, with generative AI tools being used to craft phishing emails, keystroke monitoring malware, and basic ransomware code, calling for stronger regulatory measures.

In H1 2023, 48 ransomware groups have breached over 2,200 victims, with Lockbit3 being the most active, reporting a 20% increase in victims compared to H1 2022. The emergence of new groups like Royal and Play is associated with the termination of Hive and Conti Ransomware-as-a-Service (RaaS) groups.

In terms of geography, 45% of victims are in the US, with an unexpected rise in Russian entities due to a new malicious actor, Malas Locker, which substitutes ransom demands with charitable donations. The manufacturing and retail sectors have seen the most victims, suggesting a shift in ransomware attack strategy.

“Criminal activities have continued to rise in the first half of the year, with an 8% surge in global weekly cyberattacks in the second quarter marking the highest volume in two years... Familiar threats such as ransomware and hacktivism have evolved further, with threat groups modifying their methods and tools to infect and affect organisations worldwide. Even legacy technology such as USB storage devices, which have long been gathering dust in desk drawers, have gained popularity as a malware messenger.” said Maya Horowitz, VP Research at Check Point.

The 2023 Mid-Year Security Report provides a comprehensive account of the cyber-threat landscape. The findings are based on data drawn from the Check Point ThreatCloud cyber threat map, which looks at the key tactics cyber criminals use to carry out their attacks.

In general, the Report highlights the need for organisations to build a cyber resiliency strategy and strengthen their defenses by adopting a prevention-first, integrated approach to cyber security.

 2023 Mid-Year Cyber Security Report:   Checkpoint

You Might Also Read:

2023’s Most Wanted Malware:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« CISA's Post-Quantum Cryptography Initiative
New Cyber Security Programme For British Schools »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CQS (Certified Quality Systems)

CQS (Certified Quality Systems)

CQS is an organisation specialising in ISO assessment and certification, including ISO 27001, along with other management system standards.

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

SynerComm

SynerComm

SynerComm is an IT solution provider specializing in network and security infrastructure, enterprise mobility, remote access, wireless solutions, audit, pentesting and information assurance.

Cyber Defense Labs

Cyber Defense Labs

Cyber Defense Labs helps companies identify, mitigate and reduce risk as a trusted, reliable partner for cyber risk management.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

Cloudentity

Cloudentity

Cloudentity combines Identity for all things with API and Application security in a unique deployment model, combining cloud-transformation and legacy systems.

EU Joint Research Centre

EU Joint Research Centre

JRC is the European Commission's science and knowledge service which employs scientists to carry out research in order to provide independent scientific advice and support to EU policy.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

Resistant AI

Resistant AI

Resistant AI protects against evolving online fraud. We connect the dots to provide a new layer of trust and performance for our clients’ systems.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Allentis

Allentis

Allentis provide adapted solutions to ensure the security and performance of your information system.

Opus Security

Opus Security

Opus dramatically reduces cloud security risks by enabling teams to define, orchestrate, automate and measure remediation processes across the entire distributed organization.

Drumz

Drumz

Drumz plc is an investment company whose investing policy is to invest principally but not exclusively in the technology sector within Europe.

Commonwealth Scientific & Industrial Research Organisation (CSIRO)

Commonwealth Scientific & Industrial Research Organisation (CSIRO)

CSIRO is Australia's national science agency. We solve the greatest challenges through innovative science and technology.

Probity

Probity

Probity Inc. is a certified software development and systems engineering company, providing support to federal government and national defense related clients.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.