Year in review: 2023’s top cybersecurity headlines
This year kept cybersecurity specialists busy and often up late. There were plenty of headlines and news stories that cybersecurity experts consider the most consequential of 2023, from significant ransomware attacks, AI-infused malware, and state-sponsored mischief to evolving threats and a raft of new and proposed legislation.
Last week, we looked at some of the top cybersecurity trends of 2023, and this week we’ll review the headline-grabbing stories from the past 12 months.
Artificial Intelligence
No discussion of trends or news stories in 2023 would be complete without including the mainstream arrival of artificial intelligence. While widespread use of AI by hackers didn’t materialize, hackers used AI to guess passwords by trying many different combinations. Hackers also used AI algorithms to automate attacks, increasing their speed, scalability, and sophistication. It was also used to create phishing and social engineering campaigns. AI-powered tools analyze vast amounts of data to develop personalized phishing emails, messages, and chatbots, making scams even more convincing.
Still, AI is also available to the “good guys,” and software and other AI-infused tools that mitigate some hackers’ AI advantages have begun to hit the market.
High-profile breaches
The year featured headline-grabbing breaches that captured the public’s attention and some that flew below the radar but were just as consequential. Here are some of the big ones of 2023:
MOVEit Transfer: This was, experts say, the most significant and most damaging breach of 2023. According to the most up-to-date statistics, the MOVEit Transfer breach has claimed more than 2,600 victim organizations, with hackers accessing the personal data of almost 84 million individuals.
Royal Mail hit by ransomware attack: The iconic postal service in the UK faced a crippling ransomware attack in March, disrupting international deliveries and raising concerns about critical infrastructure security.
The attack was linked to hackers based in Russia, but the UK rebuffed an $80 million ransom demand they dismissed as “absurd.”
Las Vegas casinos: Hackers played a royal flush when they shut down the Vegas strip, or at least parts associated with MGM casinos. Vox described ten days in September when everything from hotel room card keys to slot machines was offline. Even websites for its many properties went offline for a while. Guests found themselves waiting in lines for hours to check in and get physical room keys or handwritten receipts for casino winnings.
A group of loosely affiliated hackers in Europe and the USA known as Scattered Spider was believed to have been behind the attack.
23andMe data leak: The sensitive data of millions of genetic testing company customers was exposed online, sparking debates about privacy in the age of DNA analysis. Hackers stole the data of millions of users, while publishing the alleged data of one million of those users.
Geopolitical cyberattacks
Attack on water authority: Iran was behind several attacks in the U.S. One attack in particular was on a Pennsylvania water authority in the town of Aliquippa, which caused water pumping to stop for some time. Hackers took advantage of a vulnerability in programmable logic controllers made by Unitronics, which water-related enterprises use. A CISA advisory stated that industries using the devices include “energy, food and beverage manufacturing, and healthcare.” The devices regulate processes such as pressure, temperature, and fluid flow.
Conflicts and disasters: Conflicts in Ukraine, the Middle East, and elsewhere continued to roil the cybersecurity landscape. Phishing attempts attached to wartime aid or efforts were common. Cyber criminals capitalized on the Maui wildfires to dupe people into donating to scam charities as well.
Critical U.S. infrastructure targeted: Microsoft issued a stark warning about potential cyberattacks from China targeting critical infrastructure in the U.S., further highlighting the geopolitical dimension of cybersecurity threats. The warning came after hackers breached Microsoft’s email platform and managed to steal tens of thousands of emails from the US State Department.
New security rules for data centers: The UK government proposed stricter regulations for data centers, aiming to bolster national security and prevent misuse of sensitive information. Data centers operating in the UK will be required to have stricter security and resilience measures to protect against potential disruption, including cyber-attacks and extreme weather events.
What news stories will we talk about at the end of 2024? Buckle up, it promises to be another wild ride over the year ahead!