These were the most important threats of 2023

In the field of cybersecurity, threat actors have flourished amidst economic and geopolitical uncertainty, deploying cunning and tools to circumvent corporate defenses. According to Verizon’s Data Breach Investigations Report (DBIR), 83% of leaks are the work of external agents, while economic profit is responsible for 95%. ESET, a leader in proactive threat detection, details the top 10 incidents of 2023.

1. MOVEit: Zero-Day Vulnerability Exposes More than 2,600 Organizations

The modus operandi of this attack was to exploit a zero-day vulnerability in popular software, compromising data on more than 83 million people. The magnitude of the impact was compounded by affecting suppliers and service providers in the affected organizations.

2. UK Election Commission: Cybercriminals Expose Data on 40 Million Voters

In August, a complex cyberattack revealed the personal information of 40 million voters. The weak security of the Electoral Commission, coupled with the late notification to the public, raises questions about the effectiveness of its security measures.

3. Police Service of Northern Ireland: Sensitive Data Leak Raises Concern

The accidental posting of sensitive internal data on a public website exposed the information of 10,000 officers and civilian personnel. Although he was available for a short time, he caused concern and led to arrests for terrorist offences.

4. DarkBeam: Biggest Data Leak of the Year with 3.800 Million Records Exposes Vulnerabilities

The DarkBeam digital risk platform disfigured a data visualization interface, exposing 3.8 billion records. Although quickly corrected, uncertainty persists as to whether the data was accessed maliciously.

5. Indian Council for Medical Research (ICMR): Mega Breach Exposes Information of 815 Million Residents

Data extracted from the ICMR’s COVID test base, including crucial information such as names, addresses and Aadhaar numbers, were put up for sale. The seriousness of the incident opens the door to possible identity fraud attacks.

6. 23andMe: Threat Actor Steals Up to 20 Million Genetic Data

Using credential filling techniques, 23andMe user data, including genetic information and family data, was accessed. The incident highlights the importance of maintaining vigilance in the configuration of systems.

7. Rapid Recovery DDoS Attacks: Vulnerability in HTTP/2 Causes Mass Attacks

A zero-day vulnerability in the HTTP/2 protocol allowed unprecedented DDoS attacks, reaching 398 million requests per second. Although Internet giants have patched the bug, other companies are urged to follow suit.

8. T-Mobile: Security Breaches Impact 37 Million Customers

In January, T-Mobile suffered one of the biggest breaches, affecting 37 million customers with sensitive data theft. Despite subsequent action, the company revealed another breach in April, raising concerns about the security of its systems.

9. MGM International/Cesars: Ransomware Attacks Paralyze Operations in Las Vegas

Both Las Vegas giants were attacked with ransomware, causing significant disruptions and substantial economic costs. Infiltration methods, such as the use of LinkedIn, highlight the urgent need for more robust security measures.

10. Pentagon Leaks: Young National Guard Member Leaks Sensitive Military Documents

Young Jack Teixeira leaked sensitive military documents, providing military intelligence to Russia. This incident underscores the importance of safeguarding information in large organizations from malicious intruders.

K. Tovar

Source: Descifrado

(Reference image source: Unsplash+)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram