It seems the breach of the file transfer service MOVEit was one of the biggest cyberattacks of 2023 - despite it being a year in which a number of dangerous new trends and tactics emerged.
A new report from ESET examined the most significant cyber incidents of the second half of 2023, noting that what made the MOVEit breach unique, aside from its widespread impact, was the fact that no ransomware was actually deployed by Cl0p, the gang behind the attack.
It also leaked stolen data from victim organizations onto public website, another case of a new tactic being employed by cybercriminals. This was emulated by the notorious ALPHV/ BlackCat ransomware gang, who were also prevalent this year.
Emerging trends
In its report, ESET notes that due to the sheer scale of the MOVEit hack, it was likely too much effort for Cl0p to encrypt every victim it captured. ESET cites figures from Emsisoft who estimates the number of affected organizations after six months to be over 2,600.
Victims ranged from government agencies, schools and healthcare, to major firms like Sony and PricewaterhouseCoopers (PwC).
Another emerging trend for this year has been the rise of attacks involving AI, not surprising given the boom the technology has experienced in the wake of ChatGPT's public release in November 2022.
Many campaigns have targeted users of AI tools like ChatGPT, as well as creating fake domains resembling 'ChatGPT' in their wording. Such domains include web apps that use the OpenAI API keys in an insecure way, threatening user's data privacy.
Also taking this year by storm was the Lumma stealer, which was very successful in stealing crypto wallets. It alone was responsible for a 68% rise in crypto theft this year, accounting for 80% of detections in this sector. The Lumma malware has also been stealing credentials and other information, with the total number of Lumma detections tripling between H1 and H2 2023.
And the ever-present Magecart threat, which has been hassling retailers since 2015, still remains strong - in fact it has actually been growing this year. It injects code into unsecure websites to steal information from users, such as their credit card details. The number of detections between 2021 and 2023 rose by 343%.
Jiří Kropáč, Director of Threat Detection at ESET, concludes that "these developments show an ever-evolving cybersecurity landscape, with threat actors using a wide range of tactics." With the rise of AI and the constantly evolving tactics of threat actors, it looks as if attacks will only worsen going into next year too.
