2023 Cybersecurity – Year in Review

2023 has proven to be another chaotic year for cybersecurity with a resurgence in ransomware and extortion. Geopolitical conflicts have also resulted in an increase in attacks by state-based actors and sympathetic groups. Governing bodies are enacting new regulations and laws around cybersecurity. These factors are raising the stakes and increasing the strain on cybersecurity professionals.

Ransomware and Extortion

The cybersecurity landscape is ever changing. Defense measures through education and cybersecurity solutions have made inroads to help prevent encryption-based ransomware attacks. The profits of these types of attacks, either paid out by organizations or their insurance companies, have motivated threat actors to find new techniques and paths to accomplish their goals. This has also resulted in a substantial uptick in the sheer number of attacks and breaches.

IT and supply chain attacks have seen the largest increase in activity in organizations both big and small. The theft of personal or sensitive information for extortion is increasing the burden on security professionals. These attacks are typically more complex and could involve third party liability with the potential reputational damage for all involved, so the stakes are high.

Attackers have the advantage in the continual implementation of measures and countermeasures in cybersecurity. Defenders need to ward off attacks on every attempt to be successful. Attackers only need to get through the defenses on one of their attempts to succeed. 2023 saw AI come to the forefront and both sides of the fence are looking at ways to leverage it for their success. There are also significantly more mobile and 5G connected IOT devices that attackers can use to gain access. New ransomware toolkits and Ransomware-as-a-Service offerings are enabling more ransomware groups to launch attacks.

Incidents that are not found and fixed quickly can have their associated costs go 1000 times higher. Early detection and containment are key to minimizing the impact.

Geopolitical Conflicts

The Russia-Ukraine and Israel-Hamas conflicts have resulted in an increase in state-sponsored cyberattacks. The targets of these attacks are not limited to only those states directly involved in the conflicts but also to governments and organizations that are in a locale that have provided support to one side or the other. Groups sympathetic to the causes have also increased their attacks. These conflicts can have an impact across the globe. Organizations need to watch for and protect themselves from these threats.

U.S. Securities and Exchange Commission

The U.S. Securities and Exchange Commission (SEC) introduced new regulations on cyber risk management, governance, and incident disclosure, phased in from December 2023 through to July 2024. These regulations require publicly traded companies to notify regulators within four days of a meaningful system compromise, and to give details about their cybersecurity risk governance in annual public filings.

SC Media has reported that a ransomware gang has filed a ‘failure to report complaint” against its own victim to the SEC, no doubt this will be used as another way to extort victims, Hacker group files SEC complaint against its own victim. This is an unintended negative side effect of the regulation.

The SEC has also charged the SolarWinds CISO with fraud. Organizations cannot mislead investors about their cybersecurity practices and risks.

Advanced modern technologies such as AI and quantum computing will have a significant impact on cybersecurity. Having said this, if you implement security fundamentals correctly on your most critical resources, you will greatly improve your chances of staying ahead.

Check out Cygna Labs Security and Compliance solutions to see how they can help you in all stages of a security incident.