Five Big Cyber Attacks from 2023

Reflecting on 5 major cyberattacks of 2023

The path toward fundamentally improving cybersecurity means looking back at previous attacks and learning how they occurred. However, breaches often happen for similar reasons (phishing, social engineering scams, ransomware), and that is a red flag that current infrastructure is not sufficient to thwart them.

2023, however, was unique in that it revealed the rapidly evolving problem of AI-generated attacks. Today, AI-generated content is reaching unprecedented levels of use, and with that come ballooning dangers. Given that social engineering remains a preferred manipulation tactic for attackers, AI can create massive volumes of artificial content to deceive targets. With no sign of slowing, it’s a prominent concern moving forward.

Having said that, “traditional” attack methods still reign supreme, and 2023 readily demonstrated some of them.

Attack One – Government Breach via Microsoft 365

60,000 US government emails were compromised by a group of Chinese hackers. That’s a daunting number, and you’d be forgiven for thinking it was a breach involving complex attack strategies. As it turns out, the Chinese hackers in question compromised Office 365 accounts and discovered credentials linked to at least 25 federal government agencies.

It’s no small thing when critical agencies have their information compromised, and what impact this could have remains to be seen.

Attack Two – MGM Entertainment Resort Breach

Midway into 2023, MGM found itself in the spotlight, not as an attractive getaway for tourists and visitors, but due to a massive cybersecurity breach. Again, MGM was the victim of a social media scheme that took advantage of customer support. The culprits were a dual effort by the Alphv and Scattered Spider ransomware gangs, a dangerous demonstration of international collaboration. Together, they were able to compromise the financial and personal information of more than 142 million guests.

The attackers took advantage of unprotected cloud servers and gained access by acting as “customers” calling support lines for basic information, which they then used to exploit weaknesses in MGM’s security posture.

Attack Three – MOVEit Software Breach

MOVEit promises the safe transfer of highly sensitive files, and of course, this was too good of a target to pass up. A ransomware group known as TA505 exploited a critical vulnerability. CISA, the American Cybersecurity and Infrastructure Security Agency, discovered an exploit of CVE-2023-34362, an SQL injection vulnerability.

MOVEit’s transfer applications were then infected with a malicious web shell, LEMURLOOT, allowing theft of any affected transfer. It’s estimated that roughly 2,000 organizations were impacted.

Attack Four – Western Digital Compromised

Western Digital is another prominent name in the tech space, a massive provider of popular HDDs and SSDs. Unfortunately, it was also another prime target for a cyber-attack. Attackers hacked into Western Digital’s network-attached storage and were able to remotely wipe large swaths of data, interrupting normal operations. They exploited a weakness from 2015 that had already been patched, demonstrating the dangerous versatility of threat actors and their ability to discover openings.

Attack Five – Hot Topic Data Breach

Hot Topic might seem an odd choice to list as a major breach event, but it’s worth noting because it’s atypical of what we expect. When we hear about cybersecurity breaches, we think of IT data houses or tech-adjacent companies. But this is not the case, as any enterprise housing data is a valuable target.

In early 2023, hackers infiltrated Hot Topic’s rewards program via stolen credentials to steal large swaths of user data. Order history, phone numbers, addresses, and customer names were included in this compromised data. It’s another powerful demonstration that no matter the name, threat actors will prowl for data so long as it is valuable.

Stores and vendors with massive backlogs of consumer data are especially valuable targets.

Thinking Ahead

Understanding the common threads in cyberattacks helps us understand the best ways to defend against them. While 2023 saw many cyberattacks, we highlighted some of the outstanding ones demonstrating dangers to government and business organizations alike. Unfortunately, attacks like those on our list are all too common, hitting small and large organizations.

For more information about cyber-attacks and defending against them, you can reach out by contacting Bytagig today.
