Major industries reported two critical security incidents every day in 2023
Is any industry safe from hackers?
Major industries, including finance, IT, industrial and government sectors, report over two critical security incidents with direct human involvement per day, new research from Kaspersky shows.
The Managed Detection and Response Analyst Report for 2023 details that more than one in five (22.9%) of high-severity incidents in 2023 were reported by the government sector, closely followed by the IT sector (15.4%).
The financial industry is less hard hit at just 14.9%, with industrial companies suffering just 11.8% of incidents.
Human coordinated attacks most effective
Almost one quarter of critical security incidents during 2023 were perpetrated with direct human involvement, with the most popular living-off-the-land attacks utilising powershell.exe, rendll32.exe and msiexec.exe.
In terms of MITRE ATT&CK techniques, phishing, account manipulation and exploitation of remote services were the most popular techniques used by attackers. The mean time to report for high severity incidents ranked at 36.37 minutes, with medium and low severity incidents taking 32.55 and 48.01 minutes respectively.
Speaking on the results of the report, Sergey Soldatov, Head of Security Operations Center at Kaspersky said, “In 2023, Kaspersky detected a smaller number of high-severity incidents, but observed a simultaneous increase in the number of medium and low severity ones. This redistribution of occurrences is associated with the detection of malware without visible traces of active human participation in attacks, which can be explained by the “commoditization of tools”.”
“However, it’s important to understand that the low number of high-severity incidents does not necessarily indicate low damage. Targeted attacks are now planned more carefully, and become more dangerous. Therefore, we recommend the use of effective automated cybersecurity solutions managed with the help of experienced SOC analysts,” Soldatov said.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
- These are the best endpoint security tools right now
- Collection agency data breach affects millions of users
- Here's a list of the best firewalls around today
Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focusing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.