Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Lewis Maddison

The MOVEit breach may well have been the biggest cyberattack of the year

Red padlock open on electric circuits network dark red background.

It seems the breach of the file transfer service MOVEit was one of the biggest cyberattacks of 2023 - despite it being a year in which a number of dangerous new trends and tactics emerged. 

A new report from ESET examined the most significant cyber incidents of the second half of 2023, noting that what made the MOVEit breach unique, aside from its widespread impact, was the fact that no ransomware was actually deployed by Cl0p, the gang behind the attack. 

It also leaked stolen data from victim organizations onto public website, another case of a new tactic being employed by cybercriminals. This was emulated by the notorious ALPHV/ BlackCat ransomware gang, who were also prevalent this year.

In its report, ESET notes that due to the sheer scale of the MOVEit hack, it was likely too much effort for Cl0p to encrypt every victim it captured. ESET cites figures from Emsisoft who estimates the number of affected organizations after six months to be over 2,600. 

Victims ranged from government agencies, schools and healthcare, to major firms like Sony and PricewaterhouseCoopers (PwC).  

Another emerging trend for this year has been the rise of attacks involving AI, not surprising given the boom the technology has experienced in the wake of ChatGPT's public release in November 2022.

Many campaigns have targeted users of AI tools like ChatGPT, as well as creating fake domains resembling 'ChatGPT' in their wording. Such domains include web apps that use the OpenAI API keys in an insecure way, threatening user's data privacy. 

Also taking this year by storm was the Lumma stealer, which was very successful in stealing crypto wallets. It alone was responsible for a 68% rise in crypto theft this year, accounting for 80% of detections in this sector. The Lumma malware has also been stealing credentials and other information, with the total number of Lumma detections tripling between H1 and H2 2023.  

And the ever-present Magecart threat, which has been hassling retailers since 2015, still remains strong - in fact it has actually been growing this year. It injects code into unsecure websites to steal information from users, such as their credit card details. The number of detections between 2021 and 2023 rose by 343%.

Jiří Kropáč, Director of Threat Detection at ESET, concludes that "these developments show an ever-evolving cybersecurity landscape, with threat actors using a wide range of tactics." With the rise of AI and the constantly evolving tactics of threat actors, it looks as if attacks will only worsen going into next year too.

MORE FROM TECHRADAR PRO

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.