In its latest annual report titled ‘Cisco Talos: Year in Review 2023’, the renowned Cisco Talos Intelligence Group sheds light on the escalating cyber threats faced by network infrastructure worldwide. The report, a comprehensive analysis of prevalent attacks, primary targets, and notable trends in the cybersecurity landscape throughout 2023, underscores the growing menace posed by malicious actors.
Key findings from the report indicate a significant uptick in suspicious network traffic, as detected by Cisco Security products, particularly coinciding with major geopolitical events and global cyber assaults. Of notable concern is the persistence of LockBit as the foremost global ransomware threat for the second consecutive year. The healthcare sector emerged as a prime target, attributed to financial constraints and a minimal tolerance for downtime.
Fady Younes, Senior Director for Cybersecurity at Cisco in the Middle East and Africa, emphasized the invaluable insights provided by the Talos yearly report, emphasizing Cisco’s commitment to leveraging its global presence and Talos’ expertise to bolster cybersecurity resilience in the region.
Among the top threats observed in 2023 were attacks on network infrastructure, characterized by their sophistication, often orchestrated by state-sponsored actors aiming to further espionage objectives and execute covert operations. Vulnerability exploitation and weak credentials remained significant concerns, with critical or severe vulnerabilities being targeted in three of the five most attacked device vulnerabilities.
Ransomware and pre-ransomware incidents continued unabated, affecting customers across various sectors, with healthcare bearing the brunt of these attacks. LockBit maintained its dominance in the ransomware landscape, with affiliates contributing to a substantial portion of victim posts on data leak sites monitored by Talos IR.
Additionally, Cisco’s telemetry highlighted a surge in suspicious network activity during major geopolitical events, accompanied by a notable increase in the abuse of common file extensions and the spoofing of well-known brands. Adversaries adapted to countermeasures such as Microsoft’s disabling of macros in 2022 by utilizing alternative file types like PDFs to conceal malware, with PDFs emerging as the most blocked file extension in 2023.
The report underscores the evolving nature of cyber threats and the imperative for organizations to remain vigilant and proactive in safeguarding their network infrastructure against sophisticated attacks.
