Introduction
In the ever-evolving world of cybersecurity, staying informed about the notable ransomware attacks, exploits, breaches, and vulnerabilities throughout the past year is crucial. Looking back at 2023, it's essential to consider the significant cybersecurity stories.
Cyber threats are getting more advanced and widespread. To prepare for future cyber threats in 2024, experts recommend reviewing a list of significant exploits from 2023. Two noteworthy vulnerabilities that garnered attention were CVE-2023-29059 and CVE-2023-34362.
Notable Vulnerabilities of 2023
2023 was a year marked by a multitude of vulnerabilities. What made it particularly challenging was that many of the vulnerabilities were not only unidentified by organizations but also actively exploited by malicious actors, leading to zero-day attacks. These vulnerabilities created attack vectors in common operating systems, apps, and critical infrastructure. Some of these vectors led to supply chain attacks.
Here is a compiled list of vulnerabilities in 2023:
Name - Date - CVE Number
- GoAnywhere - January 2023 - CVE-2023-0669
- ESXi - February 2023 - CVE-2021-21974
- SmartScreen - March 2023 - CVE-2023-24880
- Outlook EOP (Elevation of Privilege) - March 2023 - CVE-2023-23397
- TP-Link Archer AX21 - March 2023 - CVE-2023-1389
- MOVEit - June 2023 - CVE-2023-34362
- Barracuda - June 2023 - CVE-2023-2868
- VMware Aria Operations command injection - June 2023 - CVE-2023-20887
- Qlik Sense Path traversal - August 2023 - CVE-2023-41266
- Qlik HTTP Request tunneling - August 2023 - CVE-2023-41265
- WinRAR - August 2023 - CVE-2023-38831
- SugarCRM injection - January - CVE-2023-22952
- Adobe ColdFusion - July 2023 - CVE-2023-29298
- Realtek SDK SOAP - May 2023 - CVE-2023-8361
- PaperCut - April 2023 - CVE-2023-27350
- Windows Common Log File System driver EOP (Elevation of Privilege) - April 2023 - CVE-2023-28252
- 3CX - April 2023 - CVE-2023-29059
- JetBrains - September 2023 - CVE-2023-42793
- Adobe ColdFusion - September 2023 - CVE-2023-38205
- ThemeBleed - September 2023 - CVE-2023-38146
- HTTP/2 protocol DOS (Denial of service) - October 2023 - CVE-2023-44487
- WS_FTP - October 2023 - CVE-2023-40044
- libwebp - October 2023 - CVE-2023-4863
- Looney Tunables - October 2023 - CVE-2023-4911
- ownCloud - November 2023 - CVE-2023-49103
- SysAid path traversal - November 2023 - CVE-2023-47246
- Bluetooth BLUFFS - November 2023 - CVE-2023-24023
- Pool Party - December 2023
Notable Ransomware Attacks of 2023
In 2023, ransomware attacks caused significant disruptions and financial losses across various industries. These cyberattacks targeted large corporations and small businesses such as MGM, Ohio Lottery, and Reddit.
Here's a look at the ransomware attacks that occurred in 2023:
Company Name - Date - Number of records stolen - Group
- Caesars - August to September 2023 - 41,397 records - BlackCat/ALPHV
- MGM - August to September 2023 - Unknown amount - BlackCat/ALPHV
- Royal Mail - January 2023 - Unknown amount - LockBit
- Reddit - February - 80 GB - BlackCat/ALPHV
- Bank Syariah Indonesia - May 2023 - 1.5 TB - LockBit
- City of Dallas - May 2023 - 2,600,000 - Royal
- Seiko - July 2023 - 60,000 - BlackCat/ALPHV
- TransForm - October 2023 - 267,000 - DAIXIN
- Kyocera AVX - March 2023 - 39,000 - LockBit
- PurFoods / Mom's Meals - February 2023 - 1,200,000 - Unknown group
- Katholische Hospitalvereinigung Ostwestfalen - December 2023 - Unknown amount - LockBit
- Ohio Lottery - December 2023 - 3,000,000 - DragonForce
- Nissan Australia - December 2023 - 100 GB - Akira
Overall, ransomware attacks in 2023 highlighted the urgent need for organizations to prioritize cybersecurity and invest in robust defense mechanisms. These events made businesses understand the importance of proactive measures like the default-deny approach, unified audit, and employee training.
Notable Breaches of the Year
Cybercriminals were serious about collecting massive amounts of data behind closed doors in 2023. These breaches exposed the vulnerabilities of various organizations and resulted in data exfiltration by the billions.
Here is a look at some of the most significant cybersecurity breaches in 2023:
Company Name - Date - Number of records stolen
- UK Electoral Commission - August 2021 to August 2023 - 40,000,000 Records
- CentraState Medical Center - December 2022 to February 2023 - 617,901 Records
- Peopleconnect - January 2023 - 20,200,000 Records
- Twitter - January 2023 - 200,000,000 Records
- JD Sports - January 2023 - 10,000,000 Records
- AT&T - January 2023 - 9,000,000 Records
- Elevel - January 2023 - 1.1 TB
- TmaxSoft - January 2023 - 56,000,000 records
- Kodi - February 2023 - 400,000 Records
- NCB Management - February 2023 - 1,100,000 Records
- T-Mobile - February 2023 to March 2023 - 836 Records
- PharMerica - March 2023 - 5,815,591 Records
- Forever 21 - March 2023 - 500,000 Records
- Latitude Financial - March 2023 - 14,000,000 Records
- Sysco - March 2023 - 126,243 Records
- PJ&A - March 2023 - 9,000,000 Records
- Americold - April 2023 - 129,000 Records
- Oregon and Louisiana departments of motor vehicles - May 2023 - 3,500,000 Records
- Genworth Financial - May 2023 - 2,700,000 Records
- Toyota - May 2023 - 2,150,000 Records
- Auto Parts - May 2023 - 119,000 Records
- Luxottica - May 2023 - 70,000,000 Records
- Teachers Insurance and Annuity Association of America - May 2023 - 2,400,000 Records
- Pôle emploi - May 2023 - 10,000,000 Records
- Delta Dental - May 2023 - 7,000,000 Records
- Maine Government - May 2023 - 1,300,000 Records
- Discord.io - May 2023 - 760,000 Records
- Sony - May 2023 - 6,800 Records
- MCNA Insurance - May 2023 - 8,900,000 Records
- Wilton Reassurance - June 2023 - 1,500,000 Records
- University of Minnesota - July 2023 - 7,000,000 Records
- HealthEC - July 2023 - 4,500,000 Records
- WellTok - July 2023 - 8,493,379 Records
- Tigo - July 2023 - 700,000 Records
- Dollar Tree - August 2023 - 1,977,486 Records
- McLaren Health Care - August 2023 - 2,200,000 Records
- Truepill - August 2023 - 2,364,359 Records
- Kroll - August 2023 - Unknown amount
- DarkBeam - September 2023 - 3,800,000,000 Records
- ESO Solutions - September 2023 - 2,700,000 Records
- Kid Security - September 2023 - 300,000,000 Records
- Airbnb - September 2023 - 1,200,000 Records
- Okta - September 2023 - 366 Records
- Pizza Hut Australia - September 2023 - 193,000 Records
- Rightway Healthcare - September 2023 - 4,961 Records
- ICMR Indian Council of Medical Research - October 2023 - 815,000,000 Records
- Redcliffe Labs - October 2023 - 12,000,000 Records
- Yamaha - October 2023 - 37 GB
- Marina Bay Sands - October 2023 - 665,000 Records
- Xfinity - October 2023 - 36,000,000 Records
- Mr. Cooper - November 2023 - 14,700,000 Records
- Idaho National Laboratory - November 2023 - 45,047 Records
- LoanCare - November - 1,316,938 Records
- Mint - December 2023 - Undisclosed amount
- EasyPark - December 2023 - At least 5,000,000
- Yakult Australia - December 2023 - 95 GB
Throughout 2023, hackers stole over 5.2 billion records and 1,232 GB of data, excluding those without a number assigned.
If the 5,277,085,907 records were measured by a mile each, it would be enough to navigate the globe 211,918 times or make a round trip to the moon 23,349 times.
Notable Ransomware Group Takedowns of the Year
Ransomware groups were busy in 2023 and caused significant disruptions and financial losses. Well-known groups like BlackCat/ALPHV, LockBit, Royal, DAIXIN, and DragonForce carried out these attacks, among others.
Note: The BlackCat situation was still developing at the time of writing.
Ransomware Group Name - Date
- Hive Ransomware - January 2023
- Bulgaria, Serbia and Cyprus Call Center - January 2023
- Pompompurin / Breached hacking forum - March 2023
- Cryptbot malware infrastructure - April 2023
- 16shop - August 2023
- Ragnarlocker - October 2023
- BulletProftLink - November 2023
- One of BlackCat/ALPHV's sites - December 2023
- Kingdom Market - December 2023
- Olusegun Samson Adejorin - December 2023
Conclusion
Experts expect cybersecurity to become a bigger challenge in 2024 and the future. Threat actors are more likely to employ advanced techniques, leveraging artificial intelligence and machine learning to evade detection. As technology continues to advance, so must the defenses of all organizations. Collaboration between industry experts, government agencies, and individuals will be paramount in combating cyber threats effectively.
In conclusion, reflecting on the ransomware attacks, exploits, breaches, and vulnerabilities of 2023 is a valuable lesson for the future. To improve security in the digital world, we must understand the methods used by cybercriminals and take preventative action.
For more statistics, see this cost breakdown of breaches in 2023: https://thehackernews.com/2023/12/cost-of-data-breach-report-2023.html