Always good to have some historical data on cyber attacks;
Tokio Marine HCC International (TMHCCI), a member of the Tokio Marine HCC group of companies, headquartered in Houston, Texas, has today released its Top 10 Cyber Incidents 2023 report.
Against a backdrop of rising geopolitical tension and growing cyber-criminal activity, the global insurer announces its Top 10 Cyber Incidents report. Based on an estimation of TMHCCI’s Cyber Security Insurance team, the list of the worst and most significant cyber incidents from 2023 has been compiled in terms of financial impact and reputational damage.
For the second year in a row, a nation-state attack is prominently featured on the list, with multiple significant cyber-attacks being launched by Hamas and its allies against Israel at the start of the conflict in the middle east. A large DDoS attack was detected against websites that provided critical information to civilians on rocket attacks, and criminal group AnonGhost also exploited a vulnerability in a mobile app that alerts Israeli civilians, most notably allowing them to intercept requests and send fake alerts.
In line with a growing presence of ransomware attacks, this attack vector featured heavily, making up four of the 10 spots on the list. Data breaches were the second most common type of attack, appearing three times.
The report also features the largest DDoS attack ever recorded – a failed attack on Google which peaked at 398 million requests per second.
Top 10 Cyber Incidents 2023
TMHCCI’s top incidents list includes the following attacks:
- Hamas’ kinetic cyber-attack against Israel
- Supply chain attack against ION Derivatives
- Data breaches caused by vulnerability in MoveIT software
- LockBit ransomware attack against ICBC
- “Scattered Spider” ransomware group attacks against Caesars and MGM Casinos
- Marina Bay Sands data breach incident
- Credit card data interception attack against Air Europa
- LockBit ransomware attack against UK Royal Mail
- LockBit ransomware attack against Boeing
- Largest DDoS attack ever recorded against Google
Isaac Guasch, Cyber Security Leader at Tokio Marine HCC and one of the authors of the report, said: “The normalisation of cyber-attacks has meant that these stories do not make the headlines as much as they would in the past, but businesses must stay vigilant as criminal organisations such as LockBit continue to commercialise the industry, particularly in relation to ransomware. 2023 was a busy year for cyber criminals, and ransomware has proven to be one of the most profitable and effective attack vectors for the gangs to utilise, hence it’s prevalence in recent years. With the advent of new technologies to enable more effective attacks, this upwards trend is only going to accelerate.
“Nation-state cyber-attacks are now an important part of military aggression, working in tandem with real-world forces to neutralise defensive capabilities, as demonstrated in both Hamas’ attack on Israel and in Russia’s invasion of Ukraine. In the years to come, it is likely we will see these types of attacks continue to dominate the cyber security landscape.
“As is already frequently discussed, artificial intelligence (AI) is going from strength to strength. In an already highly dynamic industry, cybersecurity specialists are going to experience new waves of innovative attacks made possible through generative AI. However, by leveraging these new tools, businesses will also be able to bring about new innovative cybersecurity solutions, leading to a potential arms race between criminal gangs and those trying to stop them.”
Access the full report for the complete data and comments.
Be the first to comment