An analysis of cybersecurity incidents in 2023 published by IBM finds there was a 44% decrease in phishing attacks in 2023, which in part contributed to a 12% decline in ransomware attacks against enterprises as cybersecurity overall appears to be improving. Nearly one in three of those cyberattacks targeted Europe, with the region also experiencing the most ransomware attacks globally (26%), the report finds.

While to a certain degree the report indicates progress, it also warns that with the rise of generative artificial intelligence (AI) the overall decline in cyberattacks seen in 2023 may only prove to be the proverbial calm before an inevitable storm in 2024. The IBM X-Force research was able to identify more than 800,000 posts pertaining to AI and GPT on dark web forums.

In fact, the report notes there was a 266% increase in incidents involving infostealing malware being used to steal personal identifiable information.

IBM also notes nearly 70% of attacks that X-Force responded to were aimed at providers of critical infrastructure organizations, with nearly 85% exploiting public-facing applications, phishing emails, and compromised of valid accounts. According to X-Force, major incidents caused by attackers using valid accounts were associated to nearly 200% more complex response measures by security teams than the average incident. X-Force Red penetration testing engagements indicate that security misconfigurations accounted for 30% of total exposures identified, with more than 140 ways that attackers can exploit misconfigurations being identified.

Improving cybersecurity defenses

Nearly 85% of those attacks could have been mitigated with patching, multifactor authentication, or least-privilege principles, the report noted. The report also noted there has been a 100% increase in “Kerberoasting” attacks where cybercriminals impersonate users to escalate privileges by abusing Microsoft Active Directory tickets.

IBM attributes much of the decline in ransomware attacks to improved cybersecurity defenses being put in place by large enterprises. The trouble is that if history is any guide, it’s only a matter of time before cybercriminals adjust their tactics and techniques to exploit other weaknesses. As usual, most of those attacks are likely to be variations of existing attack vectors that have been subtly adjusted to evade defense mechanisms.

In fact, one of the most challenging discussions cybersecurity teams are having with business leaders these days is explaining how cyberattacks will continuously evolve. Business leaders want to know after years of increasing spending on cybersecurity if the organization is any more secure. The challenge is that cyberattacks continue to evolve in ways that require organizations to acquire new tools and processes to thwart them while making sure they still have the capabilities in place to thwart known attacks. For example, very few organizations today have the ability to thwart deepfake attacks created using AI technologies that will soon be seen with increased regularity.

Hopefully, it won’t require a rash of successful high-profile attacks using AI technologies to motivate organizations to keep investing in cybersecurity. One way or another, however, it’s only a matter of time now before the need to make those investments becomes apparent to all.

PMD Data Solutions have a number of methods we can use to establish the condition of your cyber security.

Some of those include, Email Threat Scanning, Vulnerability assessment and Penetration Testing with full auditable reporting.

Maybe you are working through Cyber Essentials Plus, or perhaps starting your ISO27001 journey...we can help!

If you would like some assistance reviewing your Cyber Security Posture, please email solutions@pmddatasolutions.co.uk