Report

📊 2023 OpenText Cybersecurity Threat Report

📊 2023 OpenText Cybersecurity Threat Report
Userlevel 7
Badge +25
  • Sr. Security Analyst & Community Manager
  • 1164 replies

Our latest OpenText Cybersecurity Threat Report is finally here!

 

Cybersecurity professionals were kept on their toes throughout 2022. Russia’s invasion of Ukraine sent shockwaves through organized cybercrime and disrupted ongoing operations by REvil and Conti. Global law enforcement continued to aggressively target threat actors, including the Hive ransomware gang. And discovery of critical vulnerabilities and exposures (CVE) continued at a record pace, with nine CVEs published with scores of 9 or higher.

 

Our report is full of great insights. Some key findings include:

  • The Middle East, Asia, and South America were the regions with the highest percentage of infections.
  • 55.6% of consumer PCs were infected more than once, and 19.9% infected more than 5 times.
  • Facebook was most often impersonated company in phishing attacks.
  • During 2022, 84% of ransomware attacks now include leak sites
  • The year-end average for ransomware payments in 2022 has skyrocketed to over $400,000

With Ransomware now turning 10 years old, it’s been a wildly successful ‘business model’ for cybercriminals. The growth of extortion leak sites amongst ransomware gangs is a worrying trend showcasing the chase for profits. The damage to victims is twofold as the cost of noncompliance with data privacy regulations and damage to the brand can be even more devastating than disruption from ransomware, especially for larger organizations. It has become more attractive to just pay the ransom and sweep the entire incident under the rug.

 

Last year was marked by innovation across the threat landscape. In this year’s full report, we delve into the developments affecting businesses large and small.

 

Download the report and discover for yourself our complete analysis and predictions powered by OpenText Cybersecurity Threat Intelligence

 

We invite you to dive into the report and share your favorite findings with our community. The participants with the most interesting takeaway comments, as decided by our expert panel, will win a $25 Amazon Gift card 🏆 4 winners will be announced next week.

 

What will you win?

 

Here's how to participate:

1️⃣ Share your favorite stat, finding, or insight from the 2023 OpenText Cybersecurity Threat Report.

2️⃣ Explain why you find it interesting, and what implications it may have for the cybersecurity landscape.

3️⃣ Engage with fellow participants by asking questions, providing additional insights, or sharing your own thoughts on their findings.

 

This event is a fantastic opportunity to explore the report together, exchange ideas, and enhance our understanding of current and emerging cybersecurity threats. So, let's dive in and discuss the most captivating takeaways from the 2023 OpenText Cybersecurity Threat Report!

 

The first 10 community members who comment will win some SWAG (if you haven’t already won it)

SWAG

Be sure to check back every day this and next week for more prizes and giveaways :)


33 replies

Userlevel 7
Badge +63

Awesome and thanks Tyler! 😉 I’m not in for the Prizes Thanks!

Userlevel 7
Badge +4

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

Userlevel 7
Badge +63

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

I don’t use either only Twitter.

Userlevel 7
Badge +25

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

Instagram also made the top 5 in fishing and while they are a separate brand, they are owned by Facebook.

Facebook is still very much heavily targeted 

Userlevel 7
Badge +54

I have accounts with Instagram, Facebook, and Twitter but the only one I really post on it Twitter.
Tik Tok, not a chance, I just stay clear of that one.

Userlevel 6
Badge +1

Instagram is renown for phishing attacks I can second that lucy23177 always wants to send private messages  ... 

Userlevel 7
Badge +5

I have accounts with Instagram, Facebook, and Twitter but the only one I really post on it Twitter.
Tik Tok, not a chance, I just stay clear of that one.

Im exactly the same. Although recently I dont even post on Twitter. Just use them as a tool for news really.

Awesome learning resource, it gives a lot of insights into the threat landscape.

What surprises me: companies with a lot of Webroot licenses have much higher malware infection rates. I appreciate there is no causality here, but it’s still a surprising correlation.

And it’s good to read that DNS protection has a great impact on security.

Userlevel 7
Badge +4

@TylerM  Awesome reading thank you. As the “world evolves” we need to get wiser. Still amaze me how someone (19.9%) were infected more than 5 times. Also surprised that especially Africa have a lower infection rate compared to countries such as the Middle East. With the infection rate per industry having manufacturing at the top of the list is a scary thought especially with IoT going the rate that it does….. I am definitely cancelling my fridge’s email immediately. And no WIFI for the microwave. SAT and DNS Protection is more and more becoming a “have-to” no matter how you look at it. a rock-solid 3-2-1-1 backup strategy for every aspect of data protection strategy is simply NON-NEGITIABLE. 

Userlevel 5

I want to share this report with all my Linkedin contacts in Italy.
I find that the more information available to users the better it will be for the safety of all of us.

Userlevel 4

Great review that helps focusing on the biggest target

Userlevel 7
Badge +5

A lot of interesting info in this report but for me the first stat that stood out was that among infected consumer PCs, 19.9% were infected more than five times. How is that possible? I thought were are all taught to learn from mistakes. How can you possibly get infected more than 5 times unless you want to?!

Also find it interesting that eBay has gone from being top in 2020 for Phishing Attacks to not being on the top 10 at all. I understand why the other companies are heavily impersonated but surprised eBay isn't in there and Amazon is only 9th now.

The stats looks like people are using social media way more and not online shopping as much. Certainly not the case for me. Or is social media/communication accounts just seen as the best/easiest to target?

Userlevel 5
Badge +4

I appreciate the recognition that going after smaller businesses has lowered the median ransomware amount, but I would still love to see average and median ransom amounts broken out by business size (both employee count and revenue) and industry. 

Userlevel 7
Badge +62

@TylerM , I am confused as to the time of this event/meeting. I have seen 11 am, 12am and 1 pm. CT. Can you confirm please?

Userlevel 6
Badge

It was interesting to read about Phishing Attacks, this is something we see almost every day in our business

Userlevel 7
Badge +25

@TylerM, I am confused as to the time of this event/meeting. I have seen 11 am, 12am and 1 pm. CT. Can you confirm please?

The webinar is 12pm EST or 11am CST 😀

Userlevel 4

That is just so worrying that a fifth of people keep getting caught out over and over again, it makes me sad that people don’t learn from their mistakes!

Userlevel 7
Badge +6

Seeing the stats on email-based phishing attacks confirms what we’ve been seeing on our end. I think every single security incident we’ve had started with a phishing email.

Also great to see SAT/Endpoint Protection/DNS implementation results in a 40% reduction in malware incidents. We’ve had Endpoint and DNS protection for a while, but good to know SAT has a positive impact as well. It’s easy to feel like it’s not helping.

Userlevel 7

@TylerM, I am confused as to the time of this event/meeting. I have seen 11 am, 12am and 1 pm. CT. Can you confirm please?

The webinar is 12pm EST or 11am CST 😀

Missed it. Our electric went out about 11 am. Accident in neighborhood, car took out utility pole knocking out the electric in the whole neighborhood. No injuries.

Userlevel 7
Badge +54

@TylerM, I am confused as to the time of this event/meeting. I have seen 11 am, 12am and 1 pm. CT. Can you confirm please?

The webinar is 12pm EST or 11am CST 😀

 

Sorry I did not get in from work until after it has started and missed about a quarter of it but what I saw was great, thank you Tyler.

Userlevel 7
Badge +5

Thanks for the webinar @TylerM shame I had to sign off before the trivia but had to take my daughter to gymnastics!

Userlevel 2
  • 55.6% of consumer PCs were infected more than once, and 19.9% infected more than 5 times.

How can one pc and or one user not learn their lesson once they have been infected? This is absolutely mind boggling. 

Userlevel 1

Could you please confirm the timing of the event/meeting as I'm uncertain? I have seen conflicting schedules mentioning 11 am, 12 am, and 1 pm CT.

Just to clarify, the webinar is scheduled for 12 pm EST or 11 am CST. 😀

Apologies for missing the initial portion of the event/meeting as I had just arrived from work, but I found the remainder to be informative and enjoyable. Thank you, Tyler!

 

Userlevel 7
Badge +25

I am late to this topic, but not here for swag anyway.

 

I think the part of the opening statement struck me the hardest: “...the average ransom demand was at its highest ever, with the median cost hitting just under $200,000.” and “...Ransomware gangs increasingly targeted smaller businesses.” just pisses me off. Smaller businesses could be put out of business by such an attack, and obviously often have less capable IT support or the funds to pay such a ransomware bill in the first place.  (Also indicates to me that the “gangs” have a poor long term planning. Kind of reminds me of drug dealers killing their customers with bad drugs. Eliminating your customers is just stupid. But I digress.) 

We really need to push our clients for secure, air gapped backup systems. Latest Ransomeware now knows how to look for servers on the same network and backup systems as well. 

A lot of interesting info in this report but for me the first stat that stood out was that among infected consumer PCs, 19.9% were infected more than five times. How is that possible? 

I was also surprised by this, again! I can’t help but wonder if these systems were never really recovered and cleaned properly?  You would think people would learn, but if they have no education on the cause, and believe just repairing the system is enough, then I am not surprised at all. 

Userlevel 7
Badge +25

“Facebook was most often impersonated company in phishing attacks.”

Does anyone still use Facebook? Surprised this hasn’t been overtaken by TikTok.

This is surprising as in a different report I read they said that Apple was the most impersonated company. 

Reply