There was a more than twofold increase in worldwide attack efforts in 2023, according to the latest report from cybersecurity company Armis.
Armis’s latest report, “The Anatomy of Cybersecurity: A Dissection of 2023’s Atack Landscape,” draws on Armis’ proprietary data, which points to a serious surge in cyberwarfare. The data marks a 104% rise in cyberattack attempts in 2023.
The numbers show that the most affected sectors include utilities, which recorded a 200% increase and manufacturing, with a 165% increase. The highest number of attacks took place in July, when hackers mostly went after communications devices, imaging devices, and manufacturing devices.
“Armis found that not only are attack attempts increasing, but cybersecurity blind spots and critical vulnerabilities are worsening, painting prime targets for malicious actors,” said CTO and Co-Founder of Armis, Nadir Izrael.
“It’s critical that security teams leverage similar intelligence defensively so that they know where to prioritize efforts and fill these gaps to mitigate risk. We hope that by sharing these insights, global businesses and governments will leverage them to immediately pinpoint what they should be focusing on to improve their cybersecurity posture this year to keep critical infrastructure, economies and society safe and secure,” Izrael added.
Armis’s research reveals that Chinese and Russian actors mainly attacked manufacturing, educational services and public administration sectors. In the manufacturing sector, domains with .cn and .ru extensions accounted for approximately 30% of the average monthly attack attempts. Meanwhile, in the educational services sector, attacks originating from these domains have escalated to around 10% of the overall attacks.
The report also delves into the challenges posed by legacy technology. For example, Armis found that older Windows server OS versions (2012 and earlier) are 77% more likely to experience attack attempts compared to newer versions.
“Blueprints like this report are invaluable as they help teams focus limited resources on efforts with the greatest impact and with the insights to tell data-driven stories in justification of cross-team priorities,” said Curtis Simpson, CISO of Armis. “Using hindsight and analyzed data could allow CISOs to focus 2024 efforts on segmenting legacy technology, prioritizing exposures of greatest significance, and utilizing AI-driven technologies that can assist security teams with defending and managing the attack surface in real-time.”