The 2023 cyber threat landscape shows an acceleration of known threats like ransomware, while business email compromise (BEC) continues to impact organizations financially according to the latest annual threat report from Secureworks.
Ransomware remains the top threat facing most organizations. The average time between an initial breach and ransomware deployment, known as “dwell time,” has dropped to just 24 hours on average. This is significantly faster compared to 4-5 days in 2022 and 5.5 days in 2021 as reported by ransomware response teams.
The shortening dwell time highlights the urgency for rapid detection and response before ransomware can take hold in an environment. Supply chain attacks through compromised suppliers also remain a strategic vector for threat actors to access their ultimate targets.
Information stealing malware or “infostealers” are on the rise as well, now competing with traditional mass scanning and exploitation attacks. Once infostealers infiltrate a system, they can gather login credentials, cookies, tokens, and other sensitive data to enable further access or financial fraud.
On the delivery side, drive-by downloads have become popular for installing threats like Gootloader and SocGholish malware. This is often accomplished by compromising legitimate websites and injecting code to download malware to site visitors.
Secureworks identifies the top three initial access vectors in incidents as:
- Scanning and exploiting vulnerabilities (32%)
- Leveraging stolen credentials (32%)
- Phishing emails with commoditized malware (14%)
Implementing patching, multi-factor authentication, and monitoring solutions can help reduce the risk of these common attack pathways.
BEC continues to have major financial impacts by intercepting business communications and redirecting payments. Attackers use stolen credentials or social engineering tactics to bypass authentication mechanisms. Organizations are advised to implement MFA comprehensively, prioritize number matching, and reduce SMS-based authentication.
The threat landscape continues to evolve, but following cybersecurity best practices can help reduce risk. Understanding the latest threat intelligence and responding quickly when incidents occur is critical. Read the full 2023 threat report from Secureworks for more details and insights.