In 2023, we saw several significant cybersecurity events that had a major impact on organizations and individuals around the world.
Infosecurity Magazine remains at the forefront of providing insightful and up-to-date information to help organizations and individuals navigate the complexities of the digital landscape.
Throughout 2023, our readers consistently engaged with our content, with a particular interest in the following top 10 cybersecurity stories.
ChatGPT Creates Polymorphic Malware
The ability of generative AI to create malware has been one of the biggest discussion points of 2023. According to research by CyberArk in early 2023, malware had been created using ChatGPT. At the time, researchers said that they were able to bypass content filters preventing ChatGPT from creating malicious tools.
A year on from this story, ChatGPT’s creators, OpenAI, have put in many more safeguards. Many cybersecurity experts have also commented that threat actors’ main use of generative AI has been to create convincing phishing scams, rather than creating unique malware, which still requires some technical ability.
Stealthy npm Malware Exposes Developer Data
Stealthy malware was discovered in packages on npm, the popular JavaScript package registry, over the summer of 2023. Cybersecurity firm Phylum found that seemingly innocuous “test” packages were part of a sophisticated and targeted malware attack aimed at exfiltrating sensitive developer source code and confidential information.
Later, FortiGuard also identified malicious packages hidden in npm, the primary objective of which is to pilfer sensitive information.
The ubiquitous nature of npm and JavaScript continues to make them a prime target for threat actors looking to pilfer sensitive data and distribute malware.
NIST Expands Cybersecurity Framework with New Pillar
Regulatory changes have been a top consideration for CISOs and cybersecurity professionals alike in 2023.
This year, the US National Institute of Standards and Technology (NIST) has released a new draft version of its popular best practice security framework. This is the first refresh since it was launched in 2014.
NIST Cybersecurity Framework 2.0 expands the framework’s scope from critical infrastructure to all organizations regardless of type or size.
Hundreds of Citrix Endpoints Compromised With Webshells
In August, it was revealed that Citrix servers had been compromised by a zero-day exploit enabling webshells to be installed.
The malicious campaign exploits zero-day vulnerability CVE-2023-3519 to compromise NetScaler ADC. A patch was issued by Citrix for the vulnerability.
Later, cybersecurity experts at Sophos X-Ops uncovered a wave of attacks targeting unpatched Citrix NetScaler systems exposed to the internet.
Cyber Skills Gap Reaches 4 Million, Layoffs Hit Security Teams
The ISC2 2023 Cybersecurity Workforce Study found that the global cybersecurity skills gap grew by 12.6% compared with 2022.
The study also found that the cyber skills gap has been exacerbated by significant cutbacks to cybersecurity operations amid the turbulent global economic environment.
The skills gap is often cited as a key pain point for CISOs and cybersecurity teams.
Northern Ireland Police Officers Vulnerable After Data Leak
A serious data leak, following a freedom of information request, revealed the surnames and initials of current employees in the Police Service of Northern Ireland, their rank or grade, and the location and department they work in.
The breach, which occurred in August, raised alarms because the terrorism threat level for Northern Ireland is set as ‘severe’ and information from the leak could be used to target police personnel.
A review, published in December, found that the event occurred because of force-wide security failings and a “light touch approach” to data protection.
Consumers Concerned About AI’s Impact on Data Privacy
The growth of generative AI has more implications for data privacy than may first be assumed. Cisco found that there is a significant disconnect between consumer expectations and organizations’ approaches around privacy, especially regarding the use of AI.
The growth of generative AI is set to have major implications for privacy. One example is inferential data – using a dataset to draw conclusions about populations. The problem with inferential data is that consumers are unaware that the organization has it.
Global Cyber-Attacks Rise by 7% in Q1 2023
Cyber-attacks have been on the rise year after year and many cybersecurity vendors do research to determine by how much they are increasing, what types of attacks are most common and who is being targeted.
Check Point Research found that weekly cyber-attacks increased worldwide by 7% in Q1 2023 compared to the same period in 2022. Each firm faced an average of 1248 attacks per week.
The data showed that the APAC region experienced the highest year-on-year growth. The researchers also said they had witnessed several sophisticated campaigns from cyber-criminals who are finding ways to weaponize legitimate tools for malicious gains.
Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data
Government infrastructure and data are key targets for hackers, both for financial gain and political motivations.
In September, investigations began into a ransomware attack that affected Sri Lanka’s government cloud system, Lanka Government Cloud.
The Sri Lankan government had previously been criticized for failing to efficiently promote serious cybersecurity measures within its public administrations and its private sector.
Data Leak Hits Thousands of NHS Workers
In early 2023, an estimated 14,000 employees at a Liverpool NHS hospital trust were informed that their data was leaked via email due to human error.
The UK’s NHS is a prime target for threat actors, as are many hospital and medical organizations because of the high value of the personal data they hold.
In December, it was found that the UK is at high risk of a “catastrophic” ransomware attack, with the government ill-prepared to deal with this threat. Criticism by a Parliamentary report also targeted the NHS, saying that it has a vast estate of legacy infrastructure, which puts it in a particularly difficult position to protect itself from cyber-attacks.