NCC Group Threat Monitor Report 2023

Keypoints

– Cybersecurity reports from major vendors typically include sections such as foreword, critical event timeline, incident analyses, law enforcement actions, threat actor profiles, regional threats, vulnerability landscapes, and operational findings, providing a holistic view of the cyber threat environment.
• – Key statistics reveal an 84% increase in ransomware victims in 2023, with attackers employing innovative techniques targeting supply chains, managed service providers, and major software vendors.
• – The report highlights prominent threat actors like LockBit 3.0, BlackCat, CL0P, and Sandworm, with specific sectors and regions being primary targets, including critical infrastructure and diplomatic systems.
• – Significant cyber incidents include the Royal Mail ransomware attack, data leaks affecting millions of users, and state-sponsored espionage campaigns by groups like Nobelium and Sandworm.
• – Law enforcement actions have resulted in numerous arrests related to TrickBot, LockBit, and other cybercriminal operations, demonstrating a persistent effort to curb cybercrime through sanctions, indictments, and joint operations.
• – Emerging threats include dual ransomware attacks, supply chain breaches (such as MOVEit and GoAnywhere vulnerabilities), and geopolitical conflicts affecting global cybersecurity stability.
• – The incident response and SOC data indicate continued focus on unauthorized access and phishing, with financial and industrial sectors being highly targeted, underscoring the need for rigorous security measures.