The Ghosts of Cyber Threats Past: Reflecting on 2023
As we bid farewell to 2023, it’s a good time to look back on the biggest cyber security incidents that unfolded over the past year. The digital realm is ever-evolving, with new challenges emerging all the time – alongside innovative solutions. In this blog, we’ll revisit some of the most notable cyber threats and incidents of 2023, and share valuable insights and advice for the future.
Royal Mail’s Ransomware Attack
In January, it was revealed that Royal Mail in the UK had fallen victim to a ransomware attack. Their cyber security woes had technically begun in November 2022, when the organisation detected Emotet malware on its servers. The January ransomware attack used LockBit Ransomware-as-a-Service (RaaS), and impacted a distribution centre near Belfast, affecting international deliveries. The National Cyber Security Centre and other agencies became involved, because they recognise Royal Mail as Critical National Infrastructure (CNI). Initially, officials didn’t reveal details of the ransom, but the hackers demanded nearly £65.7 million. When Royal Mail refused to pay, LockBit leaked their discussions online. In November, Royal Mail announced that it would be spending £10 million on strengthening its cyber defences and reducing the chance of any future attacks.
Infosec K2K Tip: With our Managed SOC services, you can rest easy knowing that someone is watching over your network. Our expert team offers 24/7 protection, and can act quickly and efficiently to deal with any threats to minimise damage.
Supply Chain Sabotage
2023 witnessed a significant rise in supply chain attacks – they’re set to cost the world $60 billion by 2025. These cyber incidents see criminals infiltrating organisations through vulnerabilities in suppliers’ networks, and wreaking havoc up and down the supply chain. Experts are urging businesses to adopt more stringent vendor risk management strategies, and regularly assess suppliers’ cyber defences. The biggest supply chain attack of 2023 – and the largest in recent history – was the MOVEit Transfer breach, which affected more than 60 million individuals. Back in May, the Clop ransomware gang exploited a vulnerability in MOVEit Transfer servers, compromising sensitive data belonging to thousands of global organisations. Approximately 83.9% of known victims come from the United States, while 3.6% are from Germany. MOVEit patched the flaw in May, but more and more victims have come forward throughout the year, and the full extent of the breach isn’t yet known.
Infosec K2K Tip: Here at Infosec K2K, we offer comprehensive security assessment services. With our expertise, you can identify potential threats within your network and your supply chain’s network, ensuring resilient and secure cyber defences.
MGM’s Phishing Fiasco
Phishing attacks continued to evolve in 2023, becoming more sophisticated. Traditional cyber security measures are insufficient in the face of these attacks, and employee training is paramount. One of the biggest cyber incidents was at MGM Resorts. The casino chain faced a significant cyber attack in September, which disrupted operations for several days. It affected everything from slot machines to hotel room keys, and compromised customer data. The attack was the result of a phishing scheme orchestrated by the hacking group Scattered Spider. The gang is infamous for its social engineering and ‘vishing,’ or convincing phone calls. The hackers impersonated an employee after finding their information on LinkedIn. They then contacted MGM’s IT help desk to obtain credentials before infiltrating the organisation’s systems. The incident shows that organisations of all sizes can fall victim to cyber threats rooted in human manipulation – 90% of all cyber attacks begin with phishing.
Infosec K2K Tip: At Infosec K2K, we recommend educating your staff on recognising phishing attacks, and conducting simulations and exercises to keep them vigilant. Implementing multi-factor authentication (MFA) can also add an extra layer of protection. IAM assessments are also indispensable, as it was inadequate IAM policies that helped malicious actors compromise MGM’s network. We can help you reduce your attack surface by analysing your access controls and pinpointing any weaknesses.
Zero-Day Dilemmas
The discovery of zero-day vulnerabilities throughout 2023 served as a wake-up call for businesses relying on outdated systems. Businesses should regularly update and patch their software to eliminate potential vulnerabilities. They can stay informed about emerging threats and zero-day vulnerabilities by using threat intelligence services. One of the biggest zero-day vulnerabilities uncovered this year was CVE-2023-27350, a flaw in Microsoft’s PaperCut print management software. The vulnerability allows hackers to bypass authentication procedures and execute code with heightened privileges. Cyber criminals quickly took advantage of this after it was uncovered in April, and it was linked to a number of ransomware attacks. The cloud security firm Qualys reported that “four malware(s), four threat actors, and four ransomware(s)” had all exploited the vulnerability.
Infosec K2K Tip: Infosec K2K has partnered with top cyber security vendors. These vendors, like Qualys and DomainTools, allow businesses to stay ahead of the curve. By integrating their threat intelligence services, organisations can proactively address any new zero-day vulnerabilities and protect themselves against emerging threats.
As we close the book on 2023, it’s evident that the cyber threats of yesterday can shape the defences of tomorrow. It’s important for businesses to learn from cyber incidents that transpired, and fortify their own defences against ever-evolving threats. By reflecting on the ghosts of cyber threats past, we can pave the way for a more secure digital future.
Whatever solution you’re looking for, we can help. The experts at Infosec K2K can offer you specialist guidance, and help you find the product that’s the best fit for you.
Get in touch with us to find out more about how we can help you.