Dr. Chase Cunningham - Defend & Conquer Weekly Review December 27, 2023

Good morning, afternoon, or evening! Welcome to the Christmas edition of CybersecurityHQ. I'm Chase Cunningham, also known as Dr. Cunningham, or Dr. ZeroTrust. Today, I want to take some time to review the cybersecurity trends and statistics from 2023. Knowledge is the gift that keeps on giving, so let's unwrap the facts and insights that can help us navigate the ever-changing landscape of cybersecurity.

Before we delve into the stats, I want to emphasize the importance of conducting your own research and verifying information from various sources. Don't rely solely on experts' opinions. Now, let's dive into the data and explore the current state of cybersecurity.

The stats reveal that things are not improving significantly, which is concerning. According to a poll by Deloitte, 34% of executives reported that their organization's accounting and financial data were targeted by cyber threat actors in the past twelve months. Out of this group, 22% experienced at least one cyber attack, while 12.5% faced multiple attacks. Moreover, 48.8% of C-suite executives expect the number and size of events targeting their organizations to increase in 2024. However, only 20% of this group believes their organization's systems are secure and capable of withstanding an attack.

Artificial Intelligence (AI) and Machine Learning (ML) are buzzwords in the cybersecurity industry, but it's important to note that the current technology is more focused on large language modeling than true AI. While AI and ML have the potential to assist in cybersecurity, they are still a ways off from reaching their full potential.

The impact of cybercrime continues to grow exponentially. Cybersecurity Ventures predicts that the cost of cybercrime will reach a staggering $8 trillion in 2023 and is projected to grow to $10.5 trillion by the end of 2025. This highlights the urgent need for robust cybersecurity measures to protect organizations and individuals from financial losses and data breaches.

One of the alarming statistics is that open source vulnerabilities have been found in a staggering 84% of all code bases, according to a report by Synopsis. Open source software accounts for approximately 73% of total code, with 91% of scan reports indicating outdated versions of open source software. This highlights the need for organizations to regularly update their software and patch vulnerabilities to mitigate potential risks.

Phishing continues to be the most common method of hacking in 2023. Despite significant investments in phishing training, research from Lookout shows that the highest rate of mobile phishing in history occurred this year, with around half of the global mobile phone owners falling victim to this type of attack. Non-email-based phishing attacks are also on the rise, with attacks using SMS or QR codes increasing by sevenfold. Microsoft, Amazon, Docusign, Google, DHL, and Adobe are the brand names most commonly used in phishing attacks.

The geopolitical landscape is also contributing to increased cyber threats. The war in Russia and Ukraine has intensified the focus on cyber warfare, highlighting the value and implications of a cyber warfare environment. An accelerating cyber arms race is underway, accompanied by the looming threat of quantum computing, which could present further challenges in the future.

Let's delve into some additional cybersecurity statistics that shed light on the evolving threat landscape. As of December, there were an estimated 800,000 cyberattacks this year alone. WordPress plugins were responsible for 97% of these breaches, emphasizing the importance of regular updates and security measures for websites. Shockingly, a threat actor targets a business's infrastructure every 39 seconds, and approximately 300,000 new malware variants are created daily.

Email remains a significant avenue for malware delivery, with 92% of malware being transmitted through this channel. However, the average time it takes to identify a cyberattack has decreased to approximately 49 days, marking a slight improvement. Unfortunately, there are still 4.1 million websites actively serving up malware on the internet.

Despite the challenging cybersecurity landscape, it's encouraging to see that 66% of interviewed CIOs plan to increase their investment in cybersecurity. This indicates a growing awareness of the importance of cybersecurity measures and a commitment to protecting organizations' sensitive information.

To summarize, the cybersecurity trends and statistics from 2023 highlight the need for organizations and individuals to remain vigilant and proactive in safeguarding their digital assets. Cybercrime continues to grow, and the threat landscape is constantly evolving. By staying informed, investing in updated security measures, and adopting best practices, we can work towards a more secure future.

As we approach the end of the year, let's reflect on the challenges and lessons learned in 2023. While the current situation may seem dire, there is hope for improvement in the upcoming year. Let's enter 2024 with renewed determination and a commitment to strengthening our cybersecurity defenses.

Thank you for joining me on this journey through the cybersecurity landscape of 2023. I wish you all a great Christmas and holiday season. Please note that I will be taking a break next week, but I'll be back with more insights and updates in 2024. Stay safe, stay informed, and stay cyber-resilient.

*Disclaimer: The statistics presented in this article are based on available data for the year 2023 and may vary from current statistics. It is recommended to refer to the latest research and reports for up-to-date information on cybersecurity trends.*