January 8, 2024

2023 Cybersecurity Landscape Recap

Introduction

In the ever-evolving world of cybersecurity, staying informed about the notable ransomware attacks, exploits, breaches, and vulnerabilities throughout the past year is crucial. Looking back at 2023, it's essential to consider the significant cybersecurity stories.

Cyber threats are getting more advanced and widespread. To prepare for future cyber threats in 2024, experts recommend reviewing a list of significant exploits from 2023. Two noteworthy vulnerabilities that garnered attention were CVE-2023-29059 and CVE-2023-34362.

Notable Vulnerabilities of 2023

2023 was a year marked by a multitude of vulnerabilities. What made it particularly challenging was that many of the vulnerabilities were not only unidentified by organizations but also actively exploited by malicious actors, leading to zero-day attacks. These vulnerabilities created attack vectors in common operating systems, apps, and critical infrastructure. Some of these vectors led to supply chain attacks.

Here is a compiled list of vulnerabilities in 2023:

Name - Date – CVE Number

  1. GoAnywhere - January 2023 - CVE-2023-0669
  2. ESXi - February 2023 - CVE-2021-21974
  3. SmartScreen - March 2023 - CVE-2023-24880
  4. Outlook EOP (Elevation of Privilege) - March 2023 - CVE-2023-23397
  5. TP-Link Archer AX21 - March 2023 - CVE-2023-1389
  6. MOVEit - June 2023 - CVE-2023-34362
  7. Barracuda - June 2023 - CVE-2023-2868
  8. VMware Aria Operations command injection - June 2023 - CVE-2023-20887
  9. Qlik Sense Path traversal - August 2023 - CVE-2023-41266
  10. Qlik HTTP Request tunneling - August 2023 - CVE-2023-41265
  11. WinRAR - August 2023 - CVE-2023-38831
  12. SugarCRM injection - January - CVE-2023-22952
  13. Adobe ColdFusion - July 2023 - CVE-2023-29298
  14. Realtek SDK SOAP - May 2023 - CVE-2023-8361
  15. PaperCut - April 2023 - CVE-2023-27350
  16. Windows Common Log File System driver EOP (elevation of privilege vulnerability) - April 2023 - CVE-2023-28252
  17. 3CX - April 2023 - CVE-2023-29059
  18. JetBrains - September 2023 - CVE-2023-42793
  19. Adobe ColdFusion - September 2023 - CVE-2023-38205
  20. ThemeBleed - September 2023 - CVE-2023-38146
  21. HTTP/2 protocol DOS (Denial of service) - October 2023 - CVE-2023-44487
  22. WS_FTP - October 2023 - CVE-2023-40044
  23. libwebp - October 2023 - CVE-2023-4863
  24. Looney Tunables - October 2023 - CVE-2023-4911
  25. OwnCloud - November 2023 - CVE-2023-49103
  26. SysAid path traversal - November 2023 - CVE-2023-47246
  27. Bluetooth BLUFFS - November 2023 - CVE-2023-24023
  28. Pool Party - December 2023


Notable Ransomware Attacks of 2023

In 2023, ransomware attacks caused significant disruptions and financial losses across various industries. These cyberattacks targeted large corporations and small businesses such as MGM, Ohio Lottery, and Reddit.

Here's a look at the ransomware attacks that occurred in 2023:

Company Name - Date - Number of records stolen - Group

  1. Caesars - August to September 2023 - 41,397 records - BlackCat/ALPHV
  2. MGM - August to September 2023 - Unknown amount - BlackCat/ALPHV
  3. Royal Mail - January 2023 - Unknown amount - LockBit
  4. Reddit - February - 80GB - BlackCat/ALPHV
  5. Bank Syariah Indonesia - May 2023 - 1.5 TB - LockBit
  6. City of Dallas - May 2023 - 2,600,000 - Royal
  7. Seiko - July 2023 - 60,000 - BlackCat/ALPHV
  8. TransForm - October 2023 - 267,000 - DAIXIN
  9. Kyocera AVX - March 2023 - 39,000 - LockBit
  10. PurFoods / Mom's Meals - February 2023 - 1,200,000 - Unknown group
  11. Katholische Hospitalvereinigung Ostwestfalen - December 2023 - Unknown amount - LockBit
  12. Ohio Lottery - December 2023 - 3,000,000 - DragonForce
  13. Nissan Australia - December 2023 - 100GB - Akira


Overall, ransomware attacks in 2023 highlighted the urgent need for organizations to prioritize cybersecurity and invest in robust defense mechanisms. These events made businesses understand the importance of proactive measures like the default-deny approach, unified audit, and employee training.

Notable Breaches of the Year

Cybercriminals were serious about collecting massive amounts of data behind closed doors in 2023. These breaches exposed the vulnerabilities of various organizations and resulted in data exfiltration by the billions.

Here is a look at some of the most significant cybersecurity breaches in 2023:

Company Name - Date - Number of records stolen.

  1. UK Electoral Commission - August 2021 to August 2023 - 40,000,000 Records
  2. CentraState Medical Center - December 2022 to February 2023 - 617,901 Records
  3. Peopleconnect - January 2023 - 20,200,000 Records
  4. Twitter - January 2023 - 200,000,000 Records
  5. JD Sports - January 2023 - 10,000,000 Records
  6. AT&T - January 2023 - 9,000,000 Records
  7. Elevel - January 2023 - 1.1 TB
  8. TmaxSoft - January 2023 - 56,000,000 records
  9. Kodi - February 2023 - 400,000 Records
  10. NCB Management - February 2023 – 1,100,000 Records
  11. T-Mobile - February 2023 to March 2023 - 836 Records
  12. PharMerica - March 2023 - 5,815,591 Records
  13. Forever 21 - March 2023 - 500,000 Records
  14. Latitude Financial - March 2023 – 14,000,000 Records
  15. Sysco - March 2023 - 126,243 Records
  16. PJ&A - March 2023 - 9,000,000 Records
  17. Americold - April 2023 - 129,000 Records
  18. Oregon and Louisiana departments of motor vehicles - May 2023 - 3,500,000 Records
  19. Genworth Financial - May 2023 - 2,700,000 Records
  20. Toyota - May 2023 - 2,150,000 Records
  21. Auto Parts - May 2023 - 119,000 Records
  22. Luxottica - May 2023 - 70,000,000 Records
  23. Teachers Insurance and Annuity Association of America - May 2023 - 2,400,000 Records
  24. Pôle emploi - May 2023 - 10,000,000 Records
  25. Delta Dental - May 2023 - 7,000,000 Records
  26. Maine Government - May 2023 - 1,300,000 Records
  27. Discord.io - May 2023 - 760,000 Records
  28. Sony - May 2023 – 6,800 Records
  29. MCNA Insurance - May 2023 - 8,900,000 Records
  30. Wilton Reassurance - June 2023 - 1,500,000 Records
  31. University of Minnesota - July 2023 - 7,000,000 Records
  32. HealthEC – July 2023 – 4,500,000 Records
  33. WellTok - July 2023 - 8,493,379 Records
  34. Tigo - July 2023 - 700,000 Records
  35. Dollar Tree - August 2023 - 1,977,486 Records
  36. McLaren Health Care - August 2023 - 2,200,000 Records
  37. Truepill - August 2023 - 2,364,359 Records
  38. Kroll – August 2023 – Unknown amount
  39. DarkBeam - September 2023 – 3,800,000,000 Records
  40. ESO Solutions - September 2023 - 2,700,000 Records
  41. Kid Security - September 2023 - 300,000,000 Records
  42. Airbnb - September 2023 - 1,200,000 Records
  43. Okta - September 2023 - 366 Records
  44. Pizza Hut Australia - September 2023 - 193,000 Records
  45. Rightway Healthcare - September 2023 - 4,961 Records
  46. ICMR Indian Council of Medical Research - October 2023 – 815,000,000 Records
  47. Redcliffe Labs - October 2023 - 12,000,000 Records
  48. Yamaha - October 2023 - 37 GB
  49. Marina Bay Sands - October 2023 - 665,000 Records
  50. Xfinity - October 2023 - 36,000,000 Records
  51. Mr. Cooper - November 2023 - 14,700,000 Records
  52. Idaho National Laboratory - November 2023 - 45,047 Records
  53. LoanCare – November - 1,316,938 Records  
  54. Mint – December 2023 - Undisclosed amount
  55. EasyPark – December 2023 - At least 5,000,000
  56. Yakult Australia - December 2023 - 95 GB

Throughout 2023, hackers stole over 5.2 billion records and 1,232 GB of data, excluding those without a number assigned.

If each of the 5,277,085,907 records were a mile long, together they would be enough to circle the globe 211,918 times or make a round trip to the moon 23,349 times.

Notable Ransomware Group Takedowns of the Year

Ransomware groups were busy in 2023 and caused significant disruptions and financial losses. Well-known groups like BlackCat/ALPHV, LockBit, Royal, DAIXIN, and DragonForce carried out these attacks, among others.

Note: The BlackCat situation was still developing at the time of writing.

Ransomware Group Name - Date

  1. Hive Ransomware - January 2023
  2. Bulgaria, Serbia and Cyprus Call Center - January 2023
  3. Pompompurin / Breached hacking forum - March 2023
  4. Cryptbot malware infrastructure - April 2023
  5. 16shop - August 2023
  6. Ragnarlocker - October 2023
  7. BulletProftLink - November 2023
  8. One of BlackCat/ALPHV's sites - December 2023
  9. Kingdom Market - December 2023
  10. Olusegun Samson Adejorin – December 2023


Conclusion

Experts expect cybersecurity to become a bigger challenge in 2024 and the future. Threat actors are more likely to employ advanced techniques, leveraging artificial intelligence and machine learning to evade detection. As technology continues to advance, so must the defenses of all organizations. Collaboration between industry experts, government agencies, and individuals will be paramount in combating cyber threats effectively.

In conclusion, reflecting on the ransomware attacks, exploits, breaches, and vulnerabilities of 2023 is a valuable lesson for the future. To improve security in the digital world, we must understand the methods used by cybercriminals and take preventative action.

For more statistics, see this cost breakdown of breaches in 2023: https://thehackernews.com/2023/12/cost-of-data-breach-report-2023.html

Author:
Rayton Li