Get a FREE Report of the Software Running in Your Environment - Including Risks & Countries of Origin
Back to Blogs Back to Press Releases
ThreatLocker blog header

2023 Cybersecurity Landscape Recap

Table of Contents

Introduction

In the ever-evolving world of cybersecurity, staying informed about the notable ransomware attacks, exploits, breaches, and vulnerabilities throughout the past year is crucial. Looking back at 2023, it's essential to consider the significant cybersecurity stories.

Cyber threats are getting more advanced and widespread. To prepare for future cyber threats in 2024, experts recommend reviewing a list of significant exploits from 2023. Two noteworthy vulnerabilities that garnered attention were CVE-2023-29059 and CVE-2023-34362.

Notable Vulnerabilities of 2023

2023 was a year marked by a multitude of vulnerabilities. What made it particularly challenging was that many of the vulnerabilities were not identified by organizations but were also actively exploited by malicious actors, leading to zero-day attacks. These vulnerabilities created attack vectors in common operating systems, apps, and critical infrastructure. Some of these vectors led to supply chain attacks.

Here is a compiled list of vulnerabilities in 2023:

Name - Date – CVE Number

  1. GoAnywhere - January 2023 - CVE-2023-0669
  2. ESXI - February 2023 - CVE-2021-21974
  3. SmartScreen - March 2023 - CVE-2023-24880
  4. Outlook EOP (Elevation of Privilege) - March 2023 - CVE-2023-23397
  5. TP-link Aarcher AX21 - March 2023 - CVE-2023-1389
  6. MOVEit - June 2023 - CVE-2023-34362
  7. Barracuda - June 2023 - CVE-2023-2868
  8. VMware aria operation Command injection - June 2023 - CVE-2023-20887
  9. Qlik Sense Path traversal - August 2023 - CVE-2023-41266
  10. Qlik HTTP Request tunneling - August 2023 - CVE-2023-41265
  11. WinRar - August 2023 - CVE-2023-38831
  12. SugarCRM injection - January - CVE-2023-22952
  13. Adobe ColdFusion - July 2023 - CVE-2023-29298
  14. Realtek SDK SOAP - May 2023 - CVE-2023-8361
  15. PaperCut - April 2023 - CVE-2023-27350
  16. Window common log file system driver EOP (Elevation of privilege vulnerability) - April 2023 - CVE-2023-28252
  17. 3CX - April 2023 - CVE-2023-29059
  18. JetBrains - September 2023 - CVE-2023-42793
  19. Adobe ColdFusion - September 2023 - CVE-2023-38205
  20. ThemeBleed - September 2023 - CVE-2023-38146
  21. HTTP/2 protocol DOS (Denial of service) - October 2023 - CVE-2023-44487
  22. WS_FTP - October 2023 - CVE-2023-40044
  23. LibwebP - October 2023 - CVE-2023-4863
  24. looney tunables - October 2023 - CVE-2023-4911
  25. OwnCloud - November 2023 - CVE-2023-49103
  26. SysAid path traversal - November 2023 - CVE-2023-47246
  27. Bluetooth Bluffs - November 2023 - CVE-2023-24023
  28. Pool Party - December 2023

Notable Ransomware Attacks of 2023

In 2023, ransomware attacks caused significant disruptions and financial losses across various industries. These cyberattacks targeted large corporations and small businesses such as MGM, Ohio Lottery, and Reddit.

Here's a look at the ransomware attacks that occurred in 2023:

Company Name - Date - Number of records stolen - group.

  1. Caesars -August to September 2023 - 41,397 records -BlackCat /ALPHV
  2. MGM - August to September 2023 – Unknown Amount- BlackCat /ALPHV
  3. royal mail - January 2023 – Unknown Amount - Lockbit
  4. Reddit - February breach 80GB - BlackCat /ALPHV
  5. Bank Syariah Indonesia - May 2023 - 1.5 TB - lockBit
  6. City of Dallas - May 2023 -2,600,000 - Royal
  7. Seiko - July 2023 - 60,000 – BlackCat /ALPHV
  8. TransFrom - October 2023 - 267,000 - DAIXIN
  9. Kyocera AVX - March 2023 -39,000 - LockBit
  10. PurFoods / Mom's Meals - February 2023 - 1,200,000 – Unknown Group
  11. Katholische Hospitalvereinigung Ostwestfalen – December 2023 - Unknown Amount – LockBit
  12. Ohio Lottery – December 2023 - 3,000,000 – DragonForce
  13. Nissan Australia – December 2023 – 100GB – Akira  

Overall, ransomware attacks in 2023 highlighted the urgent need for organizations to prioritize cybersecurity and invest in robust defense mechanisms. These events made businesses understand the importance of proactive measures like the default-deny approach, unified audit, and employee training.

Notable Breaches of the Year

Cybercriminals were serious about collecting massive amounts of data behind closed doors in 2023. These breaches exposed the vulnerabilities of various organizations and resulted in data exfiltration by the billions.

Here is a look at some of the most significant cybersecurity breaches in 2023:

Company Name - Date - Number of records stolen.

  1. UK Electoral Commission - August 2021 to August 2023 - 40,000,000 Records
  2. CentraState Medical Center - December 2022 to February 2023 - 617,901 Records
  3. Peopleconnect - January 2023 - 20,200,000 Records
  4. Twitter - January 2023 - 200,000,000 Records
  5. JD Sports - January 2023 - 10,000,000 Records
  6. AT&T - January 2023 - 9,000,000 Records
  7. Elevel - January 2023 - 1.1 TB
  8. TmaxSoft - January 2023 - 56,000,000 records
  9. Kodi - February 2023 - 400,000 Records
  10. NCB Management - February 2023 – 1,100,000 Records
  11. T-Mobile - February 2023 to March 2023 - 836 Records
  12. PharMerica - March 2023 - 5,815,591 Records
  13. Forever 21 - March 2023 - 500,000 Records
  14. Latitude Financial - March 2023 – 14,000,000 Records
  15. Sysco - March 2023 - 126,243 Records
  16. PJ&A - March 2023 - 9,000,000 Records
  17. Americold - April 2023 - 129,000 Records
  18. Oregon and Louisiana departments of motor vehicles - May 2023 - 3,500,000 Records
  19. Genworth Financial - May 2023 - 2,700,000 Records
  20. Toyota - May 2023 - 2,150,000 Records
  21. Auto Parts - May 2023 - 119,000 Records
  22. Luxottica - May 2023 - 70,000,000 Records
  23. Teachers Insurance and Annuity Association of America - May 2023 - 2,400,000 Records
  24. Pôle emploi - May 2023 - 10,000,000 Records
  25. Delta Dental - May 2023 - 7,000,000 Records
  26. Maine Government -May 2023 - 1,300,000 Records
  27. Discord.io - May 2023 - 760,000 Records
  28. Sony - May 2023 – 6,800 Records
  29. MCNA Insurance - May 2023 - 8,900,000 Records
  30. Wilton Reassurance - June 2023 - 1,500,000 Records
  31. University of Minnesota - July 2023 - 7,000,000 Records
  32. HealthEC – July 2023 – 4,500,000 Records
  33. WellTok - July 2023 - 8,493,379 Records
  34. Tigo - July 2023 - 700,000 Records
  35. Dollar Tree - August 2023 - 1,977,486 Records
  36. Mclaren Health care - August 2023 - 2,200,000 Records
  37. Truepill - August 2023 -2,364,359 Records
  38. Kroll – August 2023 – Unknown amount
  39. DarkBeam - September 2023 – 3,800,000,000 Records
  40. ESO Solutions - September 2023 - 2,700,000 Records
  41. Kid security - September 2023 - 300,000,000 Records
  42. Airbnb - September 2023 - 1,200,000 Records
  43. Okta - September 2023 - 366 Records
  44. Pizza Hut Australia - September 2023 - 193,000 Records
  45. Rightway Healthcare - September 2023 - 4961 Records
  46. ICMR Indian Council of Medical Research - October 2023 – 815,000,000 Records
  47. Redcliffe Labs - October 2023 - 12,000,000 Records
  48. Yamaha - October 2023 - 37 GB
  49. Marina bay Sands - October 2023 - 665,000 Records
  50. Xfinity - October 2023 - 36,000,000 Records
  51. Mr. Cooper - November 2023 - 14,700,000 Records
  52. Idaho National Laboratory - November 2023 - 45,047 Records
  53. LoanCare – November - 1,316,938 Records  
  54. Mint – December 2023 - Undisclosed amount
  55. EasyPark – December 2023 - At least 5,000,000
  56. Yakult Australia - December 2023 - 95 GB

Throughout 2023, hackers stole over 5.2 billion records and 1,232 GB of data, excluding those without a number assigned.

If the 5,277,085,907 records were measured by a mile each, it would be enough to navigate the globe 211,918 times or make a round trip to the moon 23,349 times.

Notable Ransomware Group Takedown this year

Ransomware groups were busy in 2023 and caused significant disruptions and financial losses. Well-known groups like BlackCat/ALPHV, Lockbit, Royal, DAIXIN, and DragonForce carried out these attacks, among others.

Note: BlackCat was still developing at the time of writing.

Ransomware Group Name - Date

  1. Hive Ransomware - January 2023
  2. Bulgaria, Serbia and Cyprus Call Center - January 2023
  3. Pompompurin/ Breached hacking forum – March 2023  
  4. Cryptbot malware infrastructure – April 2023  
  5. 16shop – August 2023  
  6. Ragnarlocker - October 2023
  7. BulletProftLink – November 2023
  8. One Of BlackCat/ALPHV sites - December 2023
  9. Kingdom Market - December 2023
  10. Olusegun Samson Adejorin – December 2023

Conclusion

Experts expect cybersecurity to become a bigger challenge in 2024 and the future. Threat actors are more likely to employ advanced techniques, leveraging artificial intelligence and machine learning to evade detection. As technology continues to advance, so must the defenses of all organizations. Collaboration between industry experts, government agencies, and individuals will be paramount in combating cyber threats effectively.

In conclusion, reflecting on the ransomware attacks, exploits, breaches, and vulnerabilities of 2023 is a valuable lesson for the future. To improve security in the digital world, we must understand the methods used by cybercriminals and take preventative action.

For more statistics, see this cost breakdown of breaches in 2023. https://thehackernews.com/2023/12/cost-of-data-breach-report-2023.html