The year 2023 began with significant challenges in the realm of cybersecurity. Reflecting on the events throughout this period, we can affirm that the predictions made at the beginning of the year were accurate in forecasting an increase in cyberattacks across various industries.
The Context
From the start of the year, an increase in cyberattacks worldwide was anticipated. Specifically, in Mexico, the country faced a negative balance, with 85 billion cyberattack attempts recorded in 2022. According to IDC, Mexico ranked first among Latin American countries most attacked by cybercriminals.
The year 2022 witnessed the infamous attack on SEDENA, where cybercriminals extracted 6TB of information from the institution’s servers. This incident marked the year in which the 2021 projections came true, predicting that the rate of attacks would not cease in 2023.
For 2023, the following trends were projected:
- Increase in ransomware attacks with more sophisticated and personalized methods.
- DDoS attacks with extended durations and high volumes.
- Increase in supply chain attacks.
- Attacks on critical infrastructure.
- Return of hacktivist attacks.
- Continuous phishing threats.
A Brief Overview of 2023
Cyberattacks
As we approach the end of 2023, it is timely to reflect on the most notable events in cybersecurity. We have witnessed significant technological advancements and the fulfillment of this year’s predictions, marking substantial changes in information security.
Globally, the threat of cyberattacks continues to rise. According to Acronis, it is estimated that a company suffers a ransomware attack every 11 seconds. In Latin America, ESET’s 2023 security report notes over 25,000 cyberattack reports, representing a 26% increase from 2022. The report highlights the predominant use of methods like malware infection, including ransomware (63% increase), phishing (70%), and identity and access theft (56%).
In Mexico, fluctuations were experienced throughout the year. The country led in the number of attacks at the start of 2023, with 14 million cyberattacks recorded in the first quarter alone. However, it is expected to end the year as the second most attacked country in the region, with 275 attacks per minute, just behind Brazil’s 1,515 attacks per minute, and followed by Colombia with 117 attacks.
Most Affected Industries
In Mexico, the financial sector was particularly affected, with attacks recorded on three major banks and a savings and loan cooperative. These incidents generated 67.6 million pesos in gains for cybercriminals in the first quarter alone.
Globally, Zscaler reports that the manufacturing industry was one of the most attacked by malware, receiving 54.5% of total cyberattacks, averaging 6,000 weekly attacks. In terms of IoT and OT network attacks, Mexico and the United States lead the list, accounting for 69.3% of total attacks in the Americas. Other vulnerable sectors this year included public, educational, and healthcare.
Findings at Cybolt
In our daily work with clients from various industries and sizes, we found a significant increase in attempted and successful attacks, especially in the second half of the year. This has put us on high alert and driven us to generate quicker recommendations for our ecosystem.
The main attacks we addressed were ransomware and identity theft. Various causes and groups were related to these attacks. However, we concluded that the problem often stems from not addressing known vulnerabilities in different technologies promptly.
Another common cause is the lack of integration and proper monitoring of the various security platforms used. With multiple technologies and reporting consoles, attention to detail is lacking, and potential behaviors or situations leading to an attack are not identified in time.
Finally, the importance of user awareness cannot be overstated. Without efforts to improve knowledge and awareness of digital threats, users, both internal and third-party collaborators, will continue to be a door for attacks like phishing, social engineering, and identity theft.
Changes and Advances in 2023
Generative AI tools have played a significant role in cybersecurity. Cybercriminals have used these tools to succeed in their attacks. For example, phishing campaigns now feature emails written in any language, with entirely reliable language, increasing their malware execution rates among victims.
The evolution of cyber threats is faster than ever, thanks to AI tools. We’ve seen attack techniques with malicious actors adapting quickly to changes. Cybercrime is now composed of organized networks, allowing them to evolve efficiently. While AI helps defend us, it also serves as a tool for attackers, emphasizing the need to approach AI developments ethically.
Regulatory changes have also occurred, with large-scale incidents and breaches increasing pressure on corporate boards and governments to strengthen data protection policies and security strategies. Regulations become a key vector in this fight, establishing guidelines for data protection and privacy.
International collaboration has intensified to combat cybercrime. Forming alliances is a crucial strategy in this defense. Examples include Mexico’s participation as an observer in the Budapest Convention and actions like the NATO-accredited Cooperative Cyber Defense Centre of Excellence (CCDCOE).
In regulatory terms, Mexico has made a significant step with the Federal Cybersecurity Law initiative, aiming to “increase cybersecurity under a scheme of co-responsibility, prevention, combat, and prosecution of cybercrimes, while protecting personal data and respecting human rights.” This document has caused controversy, with various national organizations opposing it, arguing that it could empower government entities to censor IP accounts and websites and conduct unjustified cyber patrols, potentially threatening freedom of expression and human rights. This initiative will need further refinement and modification, with civil society, academia, and the private sector contributing to its improvement.
Challenges in Meeting the Demand for Specialized Collaborators
Throughout this year, we faced a shortage of skilled and knowledgeable human capital in cybersecurity. In 2023, the gap widened by 12.6% compared to 2022, despite an 8.7% increase in the workforce. This shows that demand is growing faster than professionalization. A positive note is that Cybolt has responded by creating the Cybolt Academy, which will help address this deficit and meet the needs of both our internal team and our clients.
Closing the 2023 Cybersecurity Chapter
It is clear that the battle between defenders and attackers has intensified. However, the progress made in awareness, technology, and collaboration reminds us that cybersecurity must be a collective effort requiring constant attention and proactive measures. In 2024, we cannot let our guard down and must learn from past knowledge to anticipate new threats.
At Cybolt, we are committed to building trust. We invite you to learn about all the initiatives and projects we developed in 2023 and those to come. Let’s join forces in 2024 to stop threats lurking in cyberspace.
Happy Holidays!
Learn more about our great company at Cybolt.
