The report sheds light on the sectors most at risk, with technical services vendors leading the breach statistics for the fourth consecutive year. Despite this, a silver lining emerges as a significant portion of these vendors demonstrated improvements in their cyber ratings postbreach. The healthcare sector continues to bear the brunt of these incidents, reinforcing the need for heightened security measures within this critical industry.

The report presents the industry’s most comprehensive analysis of intelligence from 2023. It covers threat actors and their playbook of targets, methods, and attacks to help you eliminate blind spots in your current security posture. groups, and more for the year ahead. Wherever you are in your threat intelligence journey, you can use this report as a roadmap. It will help you strengthen your operations, create a forward looking strategy, and protect your organization’s data, intellectual property, and brand reputation.

In this report, we shed light on these vulnerabilities and how they impact commercial and federal organizations today. We provide insights from a survey of IT security and data science leaders navigating these challenges. We share predictions driven by data from HiddenLayer’s experiences securing AI in enterprise environments. Lastly, we reveal cutting-edge advancements in security controls for AI in all its forms.

This report sets itself apart with our proprietary data and insights derived from comprehensive detection coverage coupled with human-led expert investigation and confirmation of threats. The data that powers Deepwatch results from thousands of expert investigations across hundreds of thousands of protected systems. This report examines the broader landscape of threats that leverage techniques and other tradecraft. We also track specific threats associating malicious or suspicious activity with a new or existing threat activity cluster, specific malware variants, abuse of legitimate tools, and known threat actors. ATI continually tracks and analyzes threats throughout the year, publishing weekly threat intelligence reports.

Today’s cyber landscape is threatened by a multitude of malicious actors who have the tools to conduct large-scale fraud schemes, hold our money and data for ransom, and endanger our national security. Profit-driven cybercriminals and nation-state adversaries alike have the capability to paralyze entire school systems, police departments, healthcare facilities, and individual private sector entities. The FBI continues to combat this evolving cyber threat. Our strategy focuses on building strong partnerships with the private sector; removing threats from US networks; pulling back the cloak of anonymity many of these actors hide behind; and hitting cybercriminals where it hurts: their wallets, including their virtual wallets.

Cryptocurrency usage is growing faster than ever before. Across all cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from 2020’s totals. Given that roaring adoption, it’s no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase in illicit transaction volume was just 79% — nearly an order of magnitude lower than overall adoption — might be the biggest surprise of all.

The events of this year have made clear that although blockchains are inherently transparent, the industry has room for improvement in this respect. There are opportunities to connect off-chain data on liabilities with on-chain data to provide better visibility, and transparency of DeFi, where all transactions are on-chain, is a standard that all crypto services should strive to achieve. As more and more value is transferred to the blockchain, all potential risks will become transparent, and we will have more complete visibility.

2023 was a year of recovery for cryptocurrency, as the industry rebounded from the scandals, blowups, and price declines of 2022. With crypto assets rebounding and market activity growing over the course of 2023, many believe that crypto winter is ending, and a new growth phase may soon be upon us. As always, we have to caveat by saying that these figures are lower bound estimates based on inflows to the illicit addresses we’ve identified today.

The biggest shift the IBM X-Force team observed in 2023 was a pronounced surge in cyberthreats targeting identities. Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns. Lack of identity protections was corroborated by IBM X-Force penetration testing data for 2023, which ranked identification and authentication failures as the second most common finding.

Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by only a few groups and those widely exploited by several. Each category necessitates different defense strategies. Groups targeting specific vulnerabilities tend to follow particular patterns, enabling companies to prioritize defenses and audits. To defend against unique exploitation, understanding the likely targets and vulnerability types is crucial. Looking ahead to 2024, advancements in generative AI may lower the technical barrier for cybercriminals, facilitating the exploitation of more zero-day vulnerabilities.

2024 is poised to be a hotbed for new challenges in cybersecurity. As both economic and political terrains continue to undergo digitization, enterprises will increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims. In this report, we detail the focal points of next year’s threat landscape, along with insights and recommended mitigation measures from our team of cybersecurity experts that are designed to guide decision-makers toward well-informed choices.

The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions. And cyber incidents in healthcare are on the rise.

The world of cybercrime never stands still. In the new Cyber Threat Report – Edition 2021/22 – the IT experts from Hornet security once again take a close look at the gateway of email communication and analyze the latest cybercriminal scams. In doing so, they examine what threats have emerged in 2021, what has become of Emotet, and what companies need to be prepared for when opening their inboxes in the future.

The Hiscox Cyber Readiness Report 2023 reveals that small business owners are getting smarter, but so are cyber criminals. Although 63% of small businesses in the US are cyber intermediates and 4% are cyber experts, almost half (41%) experienced at least one cyber-attack during the past year. The report surveyed over 5,000 professionals responsible for their company’s cyber security strategy from the US, UK, France, Germany, Spain, Belgium, Republic of Ireland, and The Netherlands, including more than 500 US small business professionals.

As organizations ramp up adoption of AI, edge and multi-cloud infrastructure, they will need broader and deeper visibility into expanding environments. This panoramic view is only possible when all relevant teams and stakeholders are aligned. That’s why organizations should ingrain security into all processes, functions and phases of development. In 2024, collaboration will be essential as resilience becomes non-negotiable. With communication, trust and a commitment to shared strengths, organizations can remain resilient through adversity next year and beyond.

When you overlap Resilience’s claims data with data from ransomware incident response partner Coveware, blockchain analytics firm Chainanalysis, security partner Zscaler, and security firm Sophos, it reveals five key findings that impact both network defenders and the cyber insurance industry at large.

Our findings in this year’s Skybox Vulnerability and Threat Trends Report, detailed below, make the urgency of the situation abundantly clear. Vulnerabilities have skyrocketed, eclipsing all previous records. Attacks are increasing in velocity and impact. Threat actors are targeting more sensitive assets and inflicting more damage. They are better organized—backed increasingly by large crime rings and nation-states—and are employing more sophisticated tools and tactics, such as a growing assortment of backdoor malware and advanced persistent threat (APT) attacks.

This report covers the threat landscape, as encountered by our sensors and analysts in the first half of 2023. General malware data presented in the report is gathered from January–May of this year, and reflects threats targeting endpoints that we observed in these months. The report represents a global outlook and is based on over 1,000,000 unique endpoints distributed around the world. Most of the statistics discussed focus on threats for Windows operating systems, as these are much more prevalent then those targeting macOS and Linux.

In this study on general phishing awareness, over 9,000 simulated phishing emails were sent to users who signed up in 2022. Participants were sent three simulated attacks over the course of a week- all classified as moderate in terms of complexity. The users had to identify these emails. If they clicked, they were forwarded to contextual learning resources.

Our annual Threat Intelligence Report is aimed at anyone interested in cybersecurity, from the technical specialist to the senior CISO. The main focus, however, is to guide decision-makers responsible for developing strategic plans for their organization’s cybersecurity to ensure that resources are well invested. Our report last year focused on technical challenges; this year’s report will focus on real-world changes and how they can impact your organization’s cybersecurity.

The United Kingdom’s National Cyber Security Centre (NCSC) found that cyberattacks against sports organizations are increasingly common, with 70% of those surveyed experiencing at least one attack per year, significantly higher than the average across businesses in the United Kingdom. In this edition we offer first hand learnings about how threat actors assess and infiltrate these environments across venues, teams, and critical infrastructure around the event itself.