Report

📊 2023 OpenText Cybersecurity Threat Report

  • 29 March 2023
  • 33 replies
  • 3823 views
📊 2023 OpenText Cybersecurity Threat Report
Userlevel 7
Badge +24
  • Sr. Security Analyst & Community Manager
  • 1084 replies

Our latest OpenText Cybersecurity Threat Report is finally here!

 

Cybersecurity professionals were kept on their toes throughout 2022. Russia’s invasion of Ukraine sent shockwaves through organized cybercrime and disrupted ongoing operations by REvil and Conti. Global law enforcement continued to aggressively target threat actors, including the Hive ransomware gang. And discovery of critical vulnerabilities and exposures (CVE) continued at a record pace, with nine CVEs published with scores of 9 or higher.

 

Our report is full of great insights. Some key findings include:

  • The Middle East, Asia, and South America were the regions with the highest percentage of infections.
  • 55.6% of consumer PCs were infected more than once, and 19.9% infected more than 5 times.
  • Facebook was most often impersonated company in phishing attacks.
  • During 2022, 84% of ransomware attacks now include leak sites
  • The year-end average for ransomware payments in 2022 has skyrocketed to over $400,000

With Ransomware now turning 10 years old, it’s been a wildly successful ‘business model’ for cybercriminals. The growth of extortion leak sites amongst ransomware gangs is a worrying trend showcasing the chase for profits. The damage to victims is twofold as the cost of noncompliance with data privacy regulations and damage to the brand can be even more devastating than disruption from ransomware, especially for larger organizations. It has become more attractive to just pay the ransom and sweep the entire incident under the rug.

 

Last year was marked by innovation across the threat landscape. In this year’s full report, we delve into the developments affecting businesses large and small.

 

Download the report and discover for yourself our complete analysis and predictions powered by OpenText Cybersecurity Threat Intelligence

 

We invite you to dive into the report and share your favorite findings with our community. The participants with the most interesting takeaway comments, as decided by our expert panel, will win a $25 Amazon Gift card 🏆 4 winners will be announced next week.

 

What will you win?

 

Here's how to participate:

1️⃣ Share your favorite stat, finding, or insight from the 2023 OpenText Cybersecurity Threat Report.

2️⃣ Explain why you find it interesting, and what implications it may have for the cybersecurity landscape.

3️⃣ Engage with fellow participants by asking questions, providing additional insights, or sharing your own thoughts on their findings.

 

This event is a fantastic opportunity to explore the report together, exchange ideas, and enhance our understanding of current and emerging cybersecurity threats. So, let's dive in and discuss the most captivating takeaways from the 2023 OpenText Cybersecurity Threat Report!

 

The first 10 community members who comment will win some SWAG (if you haven’t already won it)

SWAG

Be sure to check back every day this and next week for more prizes and giveaways :)


33 replies

Userlevel 7
Badge +63

Awesome and thanks Tyler! 😉 I’m not in for the Prizes Thanks!

Awesome learning resource, it gives a lot of insights into the threat landscape.

What surprises me: companies with a lot of Webroot licenses have much higher malware infection rates. I appreciate there is no causality here, but it’s still a surprising correlation.

And it’s good to read that DNS protection has a great impact on security.

Userlevel 7
Badge +63

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

I don’t use either only Twitter.

Userlevel 5
Badge

Instagram is renown for phishing attacks I can second that lucy23177 always wants to send private messages  ... 

Userlevel 7
Badge +4

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

Userlevel 7
Badge +4

@TylerM  Awesome reading thank you. As the “world evolves” we need to get wiser. Still amaze me how someone (19.9%) were infected more than 5 times. Also surprised that especially Africa have a lower infection rate compared to countries such as the Middle East. With the infection rate per industry having manufacturing at the top of the list is a scary thought especially with IoT going the rate that it does….. I am definitely cancelling my fridge’s email immediately. And no WIFI for the microwave. SAT and DNS Protection is more and more becoming a “have-to” no matter how you look at it. a rock-solid 3-2-1-1 backup strategy for every aspect of data protection strategy is simply NON-NEGITIABLE. 

Userlevel 4

Great review that helps focusing on the biggest target

Userlevel 4

That is just so worrying that a fifth of people keep getting caught out over and over again, it makes me sad that people don’t learn from their mistakes!

It's completely fine to have preferences when it comes to social media platforms. If you enjoy using Twitter and find it to be the platform where you feel most comfortable posting and engaging with others, that's perfectly valid. Each social media platform has its own unique features and user base, so it's natural for individuals to gravitate towards the ones that align with their interests and preferences.

As for TikTok, it's understandable that it may not appeal to everyone. Different people have different tastes and preferences when it comes to content consumption and creation. If TikTok doesn't resonate with you or doesn't align with your interests, it's perfectly fine to choose not to use it.

Ultimately, the most important thing is to use the platforms that you enjoy and find value in. Social media should be a positive and enjoyable experience, so focusing on the platforms that you feel comfortable with is a great approach.

 

Regards;

David Johnson.

Userlevel 7
Badge +24

Not here! I never been accidentally been infected but test malware 10+ years ago using Windows XP and Win 7.

I run malware protection, a honey pot, AV, and Defender on my Windows machines, and believe it or not, one of my older Windows 7 machines was hit by ransom a wile back. Not a critical machine, and no remote servers mounted servers. But I did not see it for a day, and my dropbox sync synced all the encrypted files. So it can happen no matter how careful you are.  But I just low level formatted the drive to be sure it was clean, put the OS back on, and used backup to get the machine on-line in a day.  And if you have a paid dropbox account, they will roll back your files for you to when no encrypted files are seen, so they synced properly as well. 

So no matter how careful one is, you can get hit. Never had a virus, but this was a surprise. A solid backup saved my machine.

I believe it

Userlevel 7
Badge +4

I am late to this topic, but not here for swag anyway.

 

I think the part of the opening statement struck me the hardest: “...the average ransom demand was at its highest ever, with the median cost hitting just under $200,000.” and “...Ransomware gangs increasingly targeted smaller businesses.” just pisses me off. Smaller businesses could be put out of business by such an attack, and obviously often have less capable IT support or the funds to pay such a ransomware bill in the first place.  (Also indicates to me that the “gangs” have a poor long term planning. Kind of reminds me of drug dealers killing their customers with bad drugs. Eliminating your customers is just stupid. But I digress.) 

We really need to push our clients for secure, air gapped backup systems. Latest Ransomeware now knows how to look for servers on the same network and backup systems as well. 

A lot of interesting info in this report but for me the first stat that stood out was that among infected consumer PCs, 19.9% were infected more than five times. How is that possible? 

I was also surprised by this, again! I can’t help but wonder if these systems were never really recovered and cleaned properly?  You would think people would learn, but if they have no education on the cause, and believe just repairing the system is enough, then I am not surprised at all. 

@MajorHavoc  “You would think people would learn, but if they have no education on the cause, and believe just repairing the system is enough, then I am not surprised at all. “ My gran always said someone can be ugly and they can fix that by going for a facelift. BUT there is no cure for stupidity as there are no tablets or vaccines for it. 

Userlevel 7
Badge +25

@MajorHavoc  “You would think people would learn, but if they have no education on the cause, and believe just repairing the system is enough, then I am not surprised at all. “ My gran always said someone can be ugly and they can fix that by going for a facelift. BUT there is no cure for stupidity as there are no tablets or vaccines for it. 

I love this. I think I have heard that out much more simply however: “You can’t fix stupid.”  😀

But this is a point I have made many times. Just tossing on some software to try and protect a machine is not enough. People need to be educated on what is dangerous, what is happening, how to take steps to protect your date, etc, etc. That should be a product all by itself. 

Userlevel 7
Badge +63

19.9% of consumer PCs were infected more than 5 times.  WTH!!!

This is mind boggling.  I don't understand how people can just go through life without AV & malware protection.  They might as well get rid of the refrigerator and just assume that when the pork chops turns blue it’s still good...(sad noises :()

Not here! I never been accidentally been infected but test malware 10+ years ago using Windows XP and Win 7.

Userlevel 7
Badge +25

Not here! I never been accidentally been infected but test malware 10+ years ago using Windows XP and Win 7.

I run malware protection, a honey pot, AV, and Defender on my Windows machines, and believe it or not, one of my older Windows 7 machines was hit by ransom a wile back. Not a critical machine, and no remote servers mounted servers. But I did not see it for a day, and my dropbox sync synced all the encrypted files. So it can happen no matter how careful you are.  But I just low level formatted the drive to be sure it was clean, put the OS back on, and used backup to get the machine on-line in a day.  And if you have a paid dropbox account, they will roll back your files for you to when no encrypted files are seen, so they synced properly as well. 

So no matter how careful one is, you can get hit. Never had a virus, but this was a surprise. A solid backup saved my machine.

Userlevel 7
Badge +24

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

Instagram also made the top 5 in fishing and while they are a separate brand, they are owned by Facebook.

Facebook is still very much heavily targeted 

Userlevel 7
Badge +54

I have accounts with Instagram, Facebook, and Twitter but the only one I really post on it Twitter.
Tik Tok, not a chance, I just stay clear of that one.

Userlevel 5

I want to share this report with all my Linkedin contacts in Italy.
I find that the more information available to users the better it will be for the safety of all of us.

Userlevel 6
Badge

It was interesting to read about Phishing Attacks, this is something we see almost every day in our business

Userlevel 7
Badge +24

@TylerM, I am confused as to the time of this event/meeting. I have seen 11 am, 12am and 1 pm. CT. Can you confirm please?

The webinar is 12pm EST or 11am CST 😀

Userlevel 6
Badge +6

19.9% of consumer PCs were infected more than 5 times.  WTH!!!

This is mind boggling.  I don't understand how people can just go through life without AV & malware protection.  They might as well get rid of the refrigerator and just assume that when the pork chops turns blue it’s still good...(sad noises :()

Userlevel 5
Badge +4

I appreciate the recognition that going after smaller businesses has lowered the median ransomware amount, but I would still love to see average and median ransom amounts broken out by business size (both employee count and revenue) and industry. 

Userlevel 7
Badge +6

Seeing the stats on email-based phishing attacks confirms what we’ve been seeing on our end. I think every single security incident we’ve had started with a phishing email.

Also great to see SAT/Endpoint Protection/DNS implementation results in a 40% reduction in malware incidents. We’ve had Endpoint and DNS protection for a while, but good to know SAT has a positive impact as well. It’s easy to feel like it’s not helping.

Userlevel 2
  • 55.6% of consumer PCs were infected more than once, and 19.9% infected more than 5 times.

How can one pc and or one user not learn their lesson once they have been infected? This is absolutely mind boggling. 

Userlevel 1

Could you please confirm the timing of the event/meeting as I'm uncertain? I have seen conflicting schedules mentioning 11 am, 12 am, and 1 pm CT.

Just to clarify, the webinar is scheduled for 12 pm EST or 11 am CST. 😀

Apologies for missing the initial portion of the event/meeting as I had just arrived from work, but I found the remainder to be informative and enjoyable. Thank you, Tyler!

 

Userlevel 7
Badge +25

I am late to this topic, but not here for swag anyway.

 

I think the part of the opening statement struck me the hardest: “...the average ransom demand was at its highest ever, with the median cost hitting just under $200,000.” and “...Ransomware gangs increasingly targeted smaller businesses.” just pisses me off. Smaller businesses could be put out of business by such an attack, and obviously often have less capable IT support or the funds to pay such a ransomware bill in the first place.  (Also indicates to me that the “gangs” have a poor long term planning. Kind of reminds me of drug dealers killing their customers with bad drugs. Eliminating your customers is just stupid. But I digress.) 

We really need to push our clients for secure, air gapped backup systems. Latest Ransomeware now knows how to look for servers on the same network and backup systems as well. 

A lot of interesting info in this report but for me the first stat that stood out was that among infected consumer PCs, 19.9% were infected more than five times. How is that possible? 

I was also surprised by this, again! I can’t help but wonder if these systems were never really recovered and cleaned properly?  You would think people would learn, but if they have no education on the cause, and believe just repairing the system is enough, then I am not surprised at all. 

Reply