Top Cyber Attack Styles of 2023

15 Nov / 2023

Top Cyber Attack Styles of 2023 

Cybersecurity professionals tirelessly match wits with cybercriminals, who are continuously honing their strategies. In 2023, the digital landscape has evolved rapidly, with artificial intelligence, sophisticated social engineering tactics, and geopolitical phishing reshaping the threat environment. Given the stiffening regulatory repercussions and cyber requirements, it's imperative for Australian organisations to bolster their defences against these emerging and increasingly complex cyber threats.

Here’s an overview of the prevailing cyber attack styles of 2023 that have significant implications for what executives need to strategise for in 2024.


Ransomware in Australia 2023: A Year of Escalating Threats

In 2023, ransomware continued to dominate Australia's cybersecurity landscape, constituting 24% of cyberattacks, with the dreaded double extortion method being a persistent menace. Organised crime actors, motivated by financial gain, were responsible for this alarming trend.

Up to July 2023, SOCRadar's Dark Web analysts identified 30 ransomware attacks on Australian institutions. These attacks were executed by 14 distinct ransomware groups, revealing the evolving threat landscape.

Ransomware attacks were distributed across various Australian industries, raising concerns about sector-specific targeting. Notable incidents included:

  • FIIG, a prominent fixed-income specialist, fell victim to the AlphVM/Blackcat ransomware group in June 2023, resulting in the exposure of confidential data.
  • Crosscity Motorway, operating in the Transport/Truck/Railway sector, faced a ransomware attack by Lockbit 3.0 in June 2023.
  • The Crown Princess Mary Cancer Centre became a victim of the Medusa Team ransomware group in May 2023.

These incidents emphasise the need for heightened cybersecurity vigilance as ransomware threats persist and evolve in Australia. 

What To Watch For In 2024

Malicious actors are becoming increasingly sophisticated and intelligent operating in a corporate manner. Recent examples include using risks of fines against their targets. Take the Ransomware attack on Sony by Ransomedvc. Ransomedvc positions itself as a group of “penetration testers” who seek compensation for their “professional services' ' and say they’re working in compliance with GDPR and Data Privacy Laws. In one communication with victims via their telegram channel they said “I heard you do not wanna pay me?” “Well then lets (sic) start with leaking a few customers to the public. I wonder what the GDPR agency will think about our relationship?”

Incredibly, the group describes themselves as a ‘Leading Company in Digital Peace Tax’, attempting to legitimise themselves as public service providers rather than black hats. 

Their page on the dark web states: ‘We offer secure solutions for addressing data security vulnerabilities within companies. As penetration testers, we seek compensation for our professional services. Our operations are conducted in strict compliance with GDPR and Data Privacy Laws. In cases where payment is not received, we are obligated to report a Data Privacy Law violation to the GDPR agency!.’

While Ransomedvc largely operates across the US and Europe, Australian organisations should be on the watch for similar tactics as hackers become increasingly business-like in their strategies.

Malicious AI and Machine Learning Threats 2023

2023 marked the ascendancy of AI-directed cyberattacks. Threat actors rapidly embraced AI to expedite the development of new malware and ransomware variants. This approach proved to be a cost-efficient strategy, allowing cybercriminals to stay one step ahead of traditional security measures. Furthermore, deepfake technologies entered the scene, enabling phishing and impersonation attacks of unprecedented sophistication.

AI Attacks: What to Watch for in 2024

As we look ahead to 2024, it's crucial to remain vigilant in the face of evolving AI attacks. Here are the key trends and developments to keep a close eye on:

  • Continued AI Adoption by Threat Actors: The trend of cybercriminals harnessing AI is expected to intensify. In 2024, we anticipate an even wider adoption of AI, enabling malicious actors to further refine their tactics and develop increasingly sophisticated threats, such as building phishing campaigns that are harder to detect and more successful at confusing users.
  • Defenders Fighting Back with AI: Just as cybercriminals tap into AI's potential, cybersecurity professionals will continue to invest in AI for defence. AI-powered cybersecurity tools and algorithms will play a pivotal role in detecting and mitigating threats promptly.
  • Impact of Regulatory Changes: Europe and the United States have initiated significant regulatory efforts concerning AI usage. We expect to see Australia following suit, with these regulations shaping the landscape of AI in cybersecurity, influencing both offensive and defensive strategies.

Social Engineering Threats 2023

Social engineering emerged as a formidable threat in 2023. Cybercriminals, recognising the human element as a vulnerable entry point, continued to refine their tactics in psychological manipulation. Here's a look at the prevalent social engineering threats that defined the year:

  • Emotionally Charged Emails: Cybercriminals leveraged fear to prompt immediate, often ill-considered actions. Phishing emails designed to induce panic were a common tactic, capitalising on victims' urgency and lack of time to think rationally.
  • False Identities: Attackers posed as trusted entities, including IT support teams, to deceive targets. Victims were lured into installing malicious software or divulging sensitive information, under the guise of system upgrades or assistance.
  • Spear Phishing Attacks: Social engineers honed their techniques to craft convincing emails, mimicking the writing style and email addresses of legitimate contacts. This approach aimed to deceive recipients into believing they were communicating with familiar individuals.
  • Real-World Social Engineering: Beyond the digital realm, attackers exploited social norms and good manners to manipulate individuals in person. This included bypassing building access and security protocols by relying on politeness to cloud common sense.

Social Engineering Threats: What to Watch for in 2024

We anticipate the art of social engineering to evolve exponentially in 2024. Here's a glimpse of what to remain vigilant against in the coming year:

  • MFA Fatigue Attacks: Multi-factor authentication (MFA) fatigue attacks will continue to pose a threat. Attackers bombard users with repeated push notifications after acquiring stolen credentials, hoping that some victims will relent. Vigilance, education, and rate limiting push requests will be key to mitigating this risk.
  • Fake Data Leaks: Cybercriminals may fabricate data breach reports related to reputable companies. Users are lured into malware-infested directories through Google Alerts, emphasising the importance of verifying the legitimacy of alerts.
  • Callback Phishing: This tactic involves sending personalised emails from spoofed contacts, instructing recipients to call a specified number. Victims are coerced into revealing sensitive information or installing malware. Phone-based manipulation is a simple yet effective way to bypass software defences.
  • Deep Fake Phishing: While still on the horizon, deep fake phishing represents a looming threat. Cybercriminals may use AI-generated images or voice notes to convincingly impersonate loved ones, colleagues, or executives. As these techniques become more sophisticated, preparation against synthetic media will be crucial for defence.

Enhance Your Cyber Defense in 2024: Collaborate with Cythera for Pen Testing

In 2023, cyber threats evolved significantly, with ransomware, AI-driven attacks, and sophisticated social engineering tactics taking centre stage. CEOs and CIOs must proactively prepare for 2024's cybersecurity challenges. Ransomware continued to plague various industries, demanding robust defences. Malicious AI and deepfake technologies propelled cybercriminals, necessitating AI-driven cybersecurity solutions. Social engineering tactics became more refined. 

To confront these threats, partnering with pen testing services like Cythera is crucial, and just the beginning of improving your cyber resiliency posture. Download our complimentary Pen Testing 2024 Checklist to fortify your cybersecurity strategy and protect your organisation from emerging risks.

Resources

You may be interested in

Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities CVE: CVE-2022-27510, CVE-2022-27513 and CVE-2022-27516What is Vuln…

Read More arrow_forward

Crafting Compelling Business Cases for Cybersecurity Funding: Strategies for Success

In an increasingly volatile geopolitical and global economic environment, the rise of cybercrime, encompassing theft, embezzlement, and hacking,…

Read More arrow_forward

Does Your Business Meet Australian Security Legislation? A Checklist for Board Members and Executive

Everything you need to maintain a compliant security strategy.The Australian Institute of Company Directors has stated an increased focus on cyb…

Read More arrow_forward