2023 has brought a surge in the complexity and frequency of cyberattacks. Security experts are fighting against a wave of highly sophisticated campaigns orchestrated by cybercriminals. Notably, these malefactors have repurposed legitimate tools for malicious purposes.
Recent instances include the utilization of ChatGPT for code generation, which makes it easier for even less-skilled threat actors to launch cyberattacks. Then there's the supply chain attack involving the Trojanization of the 3CXDesktop app, which has raised concerns, as well as the exploitation of an unauthorized Remote Code Execution (RCE) vulnerability in the "Microsoft Message Queuing" service, commonly known as MSMQ. Perhaps most concerning is the discovery of the fastest-ever encrypting ransomware, underlining the relentless nature of these cybercriminals.
If those attacks do not appear to be worrying, maybe statistics are. In the first quarter of 2023, the global average of weekly cyberattacks increased by 7% when compared to the same period in 2022, according to a Check Point Research report. On average, organizations around the world now face 1,248 attacks per week, underscoring the persistent and escalating threat faced by businesses across sectors. Adding to that, one out of every 31 organizations worldwide experienced a ransomware attack, highlighting the urgency for enhanced cybersecurity measures.
This correlates to what happened in New York over the past six years. According to a recent report released by State Comptroller Thomas P. DiNapoli, from 2016 to 2022 there was a 53% surge in cyberattacks within the state. During the first half of 2023, the number of attacks aimed at critical infrastructure nearly doubled, soaring to 83, in contrast to the 48 reported for the entirety of the preceding year.
New York's cyber threat landscape placed it among the top-ranking states in various categories in 2022. It ranked third in terms of the number of ransomware attacks and corporate data breaches, trailing only California and Texas for ransomware attacks and California and Florida for corporate data breaches.
New York also witnessed an increase in cybercrime victims, with losses skyrocketing by 632% since 2016, according to the report. The economic toll of these cyberattacks in New York for the year 2022 alone amounted to a staggering sum, surpassing $775 million in estimated losses. This statewide figure contributed to a nationwide tally of cyberattack losses totaling $10.3 billion.
DiNapoli, in response, stressed the gravity of the situation, emphasizing that cyberattacks pose a severe threat to the critical infrastructure, economy, and daily lives of New Yorkers. Data breaches and ransomware attacks, in particular, have put individuals at risk of privacy invasions, identity theft, and fraud, while also jeopardizing essential systems such as those providing water, power and healthcare. Safeguarding the state from such threats, he added, necessitates continuous investment, coordination, and unwavering vigilance.
Securing critical infrastructure against cyberattacks demands ongoing investment, coordination and vigilance. In 2022, a New York State Chief Cyber Officer was appointed to lead cross-agency efforts and establish a Joint Security Operations Center for cybersecurity coordination among various stakeholders. The state also released a cybersecurity strategy to access federal funding. Meanwhile, a federal act mandates cybersecurity reporting for critical infrastructure and proposes a centralized breach report repository to enhance early threat detection.
These efforts extend to local governments.
DiNapoli's audits have identified common security weaknesses, with recommendations for prompt corrective action to strengthen networks.
For organizations looking to secure their critical infrastructure to help out DiNapoli’s efforts, CISOs are typically urged to avoid complacency. CISOs need to develop and implement robust security strategies that eliminate vulnerabilities and blind spots throughout the digital landscape.
Keeping computers and servers up to date with critical security patches is crucial to minimizing vulnerability to cyberattacks. Frequent cybersecurity awareness training for employees is also essential. Employees need to be educated not to click on malicious links, open untrusted attachments, share personal information with phishers or download software without verification. Just remember, insider risks are real.
Organizations can also implement automated threat detection and prevention measures that are vital for detecting and resolving ransomware attacks before they escalate. Regularly updating all software is also necessary to address vulnerabilities that attackers might exploit. A well-defined patch management strategy ensures that the team always uses the latest software versions.
Whether it's addressing shadow IT development environments, strengthening remote access security or fortifying email vectors, comprehensive security measures are critical.
Edited by Alex Passett