Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On February 27, 2023, LastPass updated their security incident notice to include additional details around the data breach they began investigating in November 2022. According to their notice, the threat actor used information obtained in an earlier, August 2022, data breach to target an employee and obtain credentials and keys used to decrypt storage volumes within their cloud-based storage service.

Once again, Arctic Wolf has taken the temperature of organizations across the globe to determine how the cybersecurity landscape of 2022 is shaping their 2023 concerns and actions. While the survey covered a number of topics, one stood out: ransomware. 48% of organizations ranked ransomware as their number one concern for the coming year. While that’s down from 70% in 2022, it doesn’t mean that ransomware is going away.

The financial services industry is under constant threat from cybercriminals, thanks to the large amounts of money and data they move and store. In fact, financial services businesses suffer 300 times more cyber-attacks than companies in other sectors, and the cost of downtime is among the highest in any industry. 57% of IT professionals say their organizations can’t tolerate the loss of mission-critical applications for a full hour, with 15% reporting they can’t tolerate ANY downtime.

As organizations implement additional security controls and detections, threat actors adjust to bypass them. Since our initial investigation into a Lorenz ransomware intrusion that exploited a Mitel MiVoice VoIP appliance, we have observed a shift in the group’s Tactics, Techniques, and Procedures (TTPs).

On Thursday, February 16, 2023, Fortinet patched two critical unauthenticated remote code execution vulnerabilities, one impacting FortiNAC (CVE-2022-39952) and one impacting FortiWeb (CVE-2021-42756). Both vulnerabilities were discovered by Fortinet’s Product Security team.

Last year cyber threats were at the forefront of many business leaders. Not only did the Australian Cyber Security Centre (ACSC), receive over 76,000 cybercrime reports, an increase of 13 percent from the previous financial year, major cybersecurity incidents at Optus, Medibank, and others made cybersecurity a top of mind issue for many in Australia and New Zealand.

Cybercrime is on the rise. This trillion-dollar industry is only gaining momentum with ransomware and business email compromise attacks, and recent trends show that the odds of becoming a breach victim are about 50%. Not to mention that the skills shortage gap continues to plague organizations, with many stating they would need five or more employees to fill it.

Since 2017, an upwards trend of vulnerabilities has been observed, reported to, and analyzed by the National Institute of Standards and Technology (NIST). According to the National Vulnerability Database (NVD), there were more than 25,200 vulnerabilities published in 2022, making it another record-breaking year, with an increase of 25% compared to 2021. That’s a five-time increase over the past decade.

The 2023 Arctic Wolf State of Cybersecurity Trends Report takes the temperature of organizations around the globe to understand not only their current and future concerns, but how they are responding today to the problems that plagued them in previous years. Our research shows that despite the enduring nature of many of these challenges, organizations are making measurable strides in areas where progress has proven limited in previous years.

When Arctic Wolf surveyed over 900 decision makers across the globe, an area of cybersecurity that kept reappearing in responses was cloud security. Last year, cloud adoption rate was at 99% but only 19% of those organizations were implementing cloud security posture management (CSPM) solutions. As cloud-originated breaches increase, it’s no surprise then that cloud concerns are also rising.