
Woburn, MA – April 30, 2024 – The frequency of high-severity incidents with direct human involvement exceeded two per day in 2023, according to the Kaspersky Managed Detection and Response (MDR) team. In the latest MDR Analyst Report, they observed this trend across all industries with financial, IT, government, and industrial sectors at the top of the list.

The annual Managed Detection and Response (MDR) Analyst Report provides information about the reported incidents, their nature, and their distribution by industry and geographic region. It also highlights the most common tactics, techniques and tools attackers used in the past year. These results are based on analysis of MDR incidents detected by the Kaspersky Security Operations Center (SOC).

According to the report, 22.9% of all detected high-severity incidents were recorded in the government sector. IT companies came second (15.4%), closely followed by financial and industrial companies that reported 14.9% and 11.8% of incidents, respectively.

Nearly 25% of these incidents were driven by humans. Just over 20% involved various types of “cyber exercises,” which had been previously classified by Kaspersky as targeted attacks, but designated as “cyber exercises” upon explicit confirmation by the customer.

The percentage of malware attacks resulting in serious consequences dipped slightly in 2023 compared to previous years, accounting for just over 12% of the total reported critical incidents. This is the smallest share of high-severity incidents in recent years and can be attributed to the “commoditization of attacks.” This trend reflects the widespread adoption of tools that were originally designed for conducting targeted campaigns and have become common through deliberate or accidental leaks. These tools are now being repurposed in attempts to implement fully automated attack scenarios.

The 2023 MDR report also found that the proportion of incidents involving the detection of targeted attack artefacts, publicly available critical vulnerabilities and the use of social engineering was around 4-5%.

“In 2023, Kaspersky detected a smaller number of high-severity incidents, but observed a simultaneous increase in the number of medium and low severity ones,” said Sergey Soldatov, head of security operations center at Kaspersky. “This redistribution of occurrences is associated with the detection of malware without visible traces of active human participation in attacks, which can be explained by the ‘commoditization of tools.’ However, it’s important to understand that the low number of high-severity incidents does not necessarily indicate low damage. Targeted attacks are now planned more carefully, and become more dangerous. Therefore, we recommend the use of effective automated cybersecurity solutions managed with the help of experienced SOC analysts.”

To enhance their protection against advanced attacks, companies should implement effective cybersecurity solutions and hire qualified practitioners to manage them or adopt managed security services such as Managed Detection and Response (MDR) and Incident Response. These products cover the entire incident management cycle from threat identification to continuous protection and remediation. These services will help protect against evasive cyberattacks, investigate incidents and provide additional expertise even if a company lacks security workers.

The full Kaspersky Managed Detection and Response Analyst Report 2023 is available via this link.

 

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Kaspersky experts: 2023 saw more than two critical cyber incidents per day

