8% Spike in Global Cyberattacks

Traditional and modern elements converge in the realm of cybercrime, where artificial intelligence and USB devices unexpectedly collaborate as partners in wrongdoing. The first half of the year witnesses Lockbit3 spearheading a surge in ransomware incidents, while novel attack patterns bring forth unconventional targets into the spotlight.

Check Point Research (CPR), the Threat Intelligence division of Check Point® Software Technologies Ltd., a prominent global provider of cybersecurity solutions, has introduced its Mid-Year Security Report for 2023. The report has revealed a concerning 8% increase in worldwide weekly cyberattacks during the second quarter, marking the most significant upsurge in two years. This rise underscores how attackers have ingeniously amalgamated advanced AI technologies with well-established tools such as USB devices to execute disruptive cyberattacks. The report also highlights the escalation of ransomware attacks in the first half of the year, involving the emergence of new ransomware groups.

From the triple extortion attack on the University of Manchester to the emergence of the Anonymous Sudan group targeting Western entities, the 2023 Mid-Year Security Report exposes the patterns and actions that have characterized this year thus far.

Key findings from the 2023 Mid-Year Security Report include:

Ransomware groups have elevated their tactics, capitalizing on vulnerabilities in commonly used corporate software and transitioning from merely encrypting data to exfiltrating it.

USB devices have reemerged as significant threats, with both state-affiliated entities and cybercriminals employing USB drives as vectors to infiltrate organizations globally.

Hacktivism has witnessed a surge, with politically motivated groups launching assaults on specific targets.

The misuse of Artificial Intelligence has intensified, as generative AI tools are employed to craft phishing emails, keystroke monitoring malware, and rudimentary ransomware code, emphasizing the need for stricter regulatory measures.

In the first half of 2023, over 2,200 victims have been compromised by 48 ransomware groups, with Lockbit3 being the most active, reporting a 20% rise in victims compared to H1 2022. The emergence of new groups like Royal and Play is attributed to the discontinuation of Hive and Conti Ransomware-as-a-Service (RaaS) operations. Geographically, 45% of victims are situated in the US, with an unexpected increase in Russian targets due to the actions of the new actor “MalasLocker,” which replaces ransom demands with charitable donations. The manufacturing and retail sectors have experienced the highest number of victims, indicating a shift in ransomware attack strategy.

Maya Horowitz, VP of Research at Check Point Software, commented, “Criminal activities have continued to rise in the first half of the year, with an 8% surge in global weekly cyberattacks in the second quarter marking the highest volume in two years. Familiar threats such as ransomware and hacktivism have evolved further, with threat groups modifying their methods and tools to infect and affect organisations worldwide. Even legacy technology such as USB storage devices, which have long been gathering dust in desk drawers, have gained popularity as a malware messenger.”

Horowitz further emphasized the necessity for organizations to establish a cyber resiliency strategy and fortify their defenses through an integrated, prevention-focused approach to cybersecurity. While cyberattacks are inevitable, proactive measures and appropriate security technologies can largely prevent their success.

The 2023 Mid-Year Security Report offers a comprehensive overview of the cyber threat landscape. The insights are based on data extracted from the Check Point ThreatCloud Cyber-Threat Map, which analyzes the primary tactics employed by cybercriminals in their attacks. The complete report can be accessed here: Report Link