“Jet Infosystems” presented a report on cyber threats recorded during 2023

“Jet Infosystems” presented a report on cyber threats recorded during 2023

The Jet Infosystems company provided an analytical report where it analyzed 10,000 incidents for 2023. In this report, experts noted an increase in the total number of cyber attacks by 11% compared to 2022. According to the report, 72% of companies were found to have critical vulnerabilities at the perimeter, which are a possible entry point for an attacker into the company’s infrastructure.

According to a new report, 90% of the analyzed companies faced a breach of corporate accounts in 2023. In 48% of cases of leaks, the account is mentioned in connection with the password, in 44% – in connection with the hash, which helps the cybercriminal to compromise the account. In the framework of the 2023 report, experts identified the following main categories of vulnerabilities:

  • 46% – unsafe infrastructure configuration (use of LLMNR/NBTNS/mDNS protocols, availability of administrative interfaces, disclosure of information about program components);

  • 23% – outdated software, for example, software with open vulnerabilities Log4j and MS17-010;

  • 23% – simple or dictionary passwords of users and service accounts, including the use of the common pair “admin:admin”.

93% of companies that have been monitored for external threats are mentioned on darknet forums and hacker Telegram channels. Experts said that in 2023, the problem of penetration through subcontractors became particularly acute (every fifth significant incident).

During 2023, IT specialists observed a systemic complication of the nature and methods of cyber-attacks, for example, the use of difficult-to-detect pests, the use of automation tools and the preparation of attacks with the help of artificial intelligence technologies, multi-component hacking chains through trusted partners. According to IS experts, the share of low-skilled hackers, hacktivists and script kiddies involved in last year’s attacks has decreased. In 2024, analysts expect an increase in sophisticated multi-stage cyber attacks.

In the forecasts for 2024, one of the key priorities for improving business cyber resilience is declared to be supply chain risk management. Also, analysts predict that in 2024, attackers will continue to actively recruit insiders inside companies to gain access to the network of these organizations and “leak” critical data. The full version of the report is available on the IS company’s website.

Related posts