Looking Back at 2023 and What We Learned in Cybersecurity

Another year and era of tech draws to a close as we look ahead to changes, adaptations, and industry movements in the tech sector. Part of change involves looking at the past, and reviewing 2023 is a great way to prepare for trends and shifts.

But much of 2023 also engaged with familiar territory. Cybersecurity problems ranging from breach events to critical infrastructure attacks and ransomware schemes were all the rage over the year. We also observed continued growth of AI-adjacent markets, technologies, toolsets, and pop culture emphasis as advanced machine learning took center stage. Laws, mandates, and regulations regarding IT and cybersecurity have tightened with stronger reporting requirements.

Just as we examine trends for 2024, let’s take a glance back at 2023 to see what we’ve learned in cybersecurity.

The Ransomware Debacle

Ransomware remains a persistent threat. Any network with caches of valuable data is at risk of falling victim to ransomware attacks. If the data is valuable to someone, attackers will try to compromise it. By encrypting data, ransomware gangs and hackers force victims to capitulate and meet their demands. Normally, this means paying the “ransom” in some form of cryptocurrency. Even if the victim does not pay, cybersecurity insurance programs routinely cover the damages and expenses.

This problem continued throughout 2023. Ransomware targeted supply chains, critical infrastructure, and valuable IT data caches filled with personal information. Said information was used for extortion attacks and BEC (business email compromise). Because ransomware is difficult to track and remediate, it remains the go-to for threat actors.

SEC’s New Mandates and Compliance Requirements

The United States Securities and Exchange Commission (SEC) introduced new reporting requirements for applicable businesses and federal agencies in 2023. Primarily, this was to shift away from the “guidelines and suggestions” model and improve cybersecurity response. Before, companies (such as those in the fintech sector) were not required to report breaches or adhere to specific requirements and cybersecurity rulesets. That, however, is changing.

In summary, starting in 2024, publicly traded companies must report a data compromise or breach event within four days of discovery. What counts as discovery, and which companies fall under these categories, can vary, so it’s up to businesses to know whether they’re responsible for the new data reporting mandates.

Threat actors may even adapt and threaten businesses that are not up to date with the SEC’s requirements with “failure to compromise” reports to the SEC. Regardless of the reasons, the new mandate was one of the key factors shaping 2023 cybersecurity policies. As 2024 arrives, we’ll see that change even more, with relevant companies adhering to reporting requirements and (hopefully) strengthening their IT infrastructure and cybersecurity posture.

Zero-Day Vulnerabilities and Exploits

Zero-day exploits are another top challenge for professionals across the board. A zero-day exploit can spell disaster for an enterprise, as hackers take advantage of vulnerabilities. Where those vulnerabilities are found varies, but they are common in software, apps, and even server frameworks. New patches and system updates can introduce zero-day vulnerabilities. The inverse also holds: weaknesses remain in unpatched applications.

Zero-day vulnerabilities and exploits are especially dangerous because not enough time has passed to fix or patch them. It’s also hard to detect or know if a company is vulnerable to zero-day exploits without careful monitoring of its infrastructure or alerts from parties that are aware of the exploits. And not all exploits are discovered in time. Even when they are, patching takes time, and damage to IT infrastructure can occur during these exposed periods.

2023 demonstrated we must remain aware of all company-adjacent systems and remain vigilant of potential exploits.

Geopolitical Events and Turmoil

Lastly, whenever geopolitical events occur, hackers will take advantage. The often “intense” discussion and consequences of world happenings, be they disasters, wars, or economic or political events, provide fertile ground for attackers to spread misinformation. They also take advantage of the confusion surrounding these events. For example, when the Russia-Ukraine conflict started, ransomware actors took advantage by preying on misinformation, fear, and weakened infrastructure.

These were only a handful of happenings over the 2023 period. But as always, it’s important to remain aware of them and learn valuable lessons.

For additional help and information regarding IT, contact Bytagig.