Cyber Threat Tactics Shift in 2023: What You Need to Know

As the digital landscape evolves, so does the nature of cyber threats. 2023 witnessed a significant shift in the tactics and approaches of cyber attackers, influenced by global conflicts and advancements in technology. This year’s Cisco Talos Year in Review offers an insightful peek into this ever-changing battlefield.

Ransomware remains a formidable threat, with LockBit topping the charts for the second consecutive year. However, the healthcare sector emerged as the prime target, given its limited cybersecurity funding and intolerance for downtime. Alarmingly, a new breed of ransomware actors is forgoing encryption to directly extort victims by threatening data leaks.

Image: Cisco Talos

Commodity loaders such as Qakbot and IcedID are still prevalent, now serving more as sophisticated payload delivery tools than their past as banking trojans. These developments suggest an adaptation to bolstered defenses, finding new pathways to infiltrate systems. Notably, leaked ransomware source codes have empowered even the least skilled attackers to join the fray.

In a concerning trend, both APTs (Advanced Persistent Threats) and ransomware groups are increasingly targeting network devices. Exploiting vulnerabilities and weak or default credentials, these attacks underscore the high value yet vulnerability of network devices.

Geopolitical instability has a direct impact on cyber operations. Chinese APTs, strained by deteriorating relations with the West and Asia-Pacific, are becoming more audacious, targeting vital telecommunications infrastructure in key regions. Russian APTs like Gamaredon and Turla escalated their focus on Ukraine, although their overall destructive capabilities seemed restrained, possibly due to effective defense strategies.

In this turbulent environment, Cisco has been proactive, not only in developing cutting-edge security solutions but also in actively thwarting cyber threats. The Talos Ukraine Task Force’s role in stabilizing Ukraine’s power grid amidst GPS jamming and the launch of the Network Resilience Coalition is a testament to Cisco’s commitment to cybersecurity. For more Year in Review content, visit the 2023 Year in Review landing page.