Inkit logo
Products
DocGen

Create documents in total privacy

paper icon
Records Management

Set records management policies

folder icon
Workflows

Automate workflow processes

flows icon
Digital Signature

Elevate the security of your digital signatures

signature icon
Solutions
By Industry
Financial Services

Generate, store, and share your financial documents

money icon
Government

Zero Trust security for your government agency

Government icon
Healthcare

Store and share your patient data securely

health icon
Utilities

Document generation and file-sharing solutions

lightning bolt icon
Customers
Developers
Documentation
Guides
WelcomeFeaturesSigning UpQuickstart
SalesforceCreating TemplatesGenerating DocumentsUsing the API
API Reference
integrations icon
API Change Log
bars icon
API Status
computer icon
Libraries & SDKs
squares icon
Resources
Insights

Get in the know with articles about Inkit

panels icon
Press

Get the latest new about Inkit

book icon
Encryption

Protect your information with end-to-end encryption

encryption icon
Salesforce

Learn how Inkit integrates with your Salesforce account

salesforce small logo
Contact Us
Inkit logoBook a Demo
hamburger icon
Home
Products
DocGenRecords ManagementWorkflowsDigital Signature
Solutions
Financial ServicesGovernmentHealthcareUtilities
Documents
Guides & DocumentationAPIs ReferenceAPI StatusAPI Change LogLibraries & SDKs
Resources
InsightsPressEncryptionSalesforce
Contact Us
Insights Home
January 17, 2024
5 of the Most Impactful Cybersecurity Stories of 2023
Information Security
Industry Deep Dives
DocGen
github iconlinkedin iconfacebook iconX icon
TABLE OF CONTENTS
1
The Most Impactful Stories in Cyber Security 2023
2
‍Common 2023 Cyber Security Themes
3
Final Thoughts
4
5
6
7
8
9
FAQs
Final Takeaway
SHARE THIS ARTICLE
github iconlinkedin iconfacebook iconX icon
Loading the Elevenlabs Text to Speech AudioNative Player...

Cybersecurity is crucial in 2025 when businesses and individuals rely on the internet for daily operations. In 2023 alone, we've witnessed several cybersecurity incidents that remind us of the importance of staying ahead of emerging threats. 

In this post, we'll explore the top five cyber security incidents and stories of 2023 and how organizations and business leaders dealt with and learned from them. From the United States National Cybersecurity Strategy to the MOVEit attacks orchestrated by the Clop group, we'll see how even the most technologically advanced companies are susceptible to cyber threats, and how businesses can act to mitigate these threats in 2025.

The Most Impactful Stories in Cyber Security 2023

1: The New US National Cybersecurity Strategy

Cybercrime and cyber insecurity are ranked as the 8th most severe risk in the World Economic Forum's Global Risks Report for 2023, not just in the short term but also over the next decade. 

In March 2023, President Joe Biden introduced the National Cybersecurity Strategy, a comprehensive plan to enhance online security for all. The initiative is part of a broader effort by the Biden administration to improve technology and cyber governance. The strategy aims to hold technology companies accountable, strengthen privacy protections, and promote fair competition within the vast online domain. 

The US government has developed a comprehensive cybersecurity strategy to protect the country's critical infrastructure and combat cyber risks and threats. The strategy has five pillars, each with specific objectives to ensure the security and resiliency of the nation's digital landscape.

‍

2: The Lockbit ‘Cyber Incident’ at Boeing

Boeing, a leading aerospace company, faced a cybersecurity threat in 2023 that affected its parts and distribution business. The incident raised questions about the safety of sensitive data and came to light after the Lockbit cybercrime group issued a ransom threat. Although Boeing confirmed that flight safety was not compromised, the potential exposure of critical data prompted the company to take swift action and collaborate with law enforcement.

Lockbit has a history of targeting organizations worldwide, and despite Boeing's efforts to secure its systems, the extent of data compromise remains unclear. As the company works to manage the incident and coordinate with regulatory authorities, the event highlights the persistent threats that even the most substantial players in the cybersecurity game face. 

This situation highlights how important it is to protect our data from ransomware attacks. We must take proactive steps to defend ourselves and work with law enforcement to stay ahead of potential threats in the digital world.

‍

3: The MOVEit Attacks

This cyber attack involves a group known as Clop, which primarily operates in the Russian-speaking region. Their modus operandi was to exploit a critical vulnerability within Progress' MOVEit file transfer tool to steal data and leak it on their website on the dark web.

The attack against MOVEit commenced in May 2023, and instead of encrypting the files, Clop threatened to publish the stolen data on the internet if the victim companies didn't pay them. This is an unconventional approach, as most hackers resort to encryption and demand a ransom to release the data. 

This attack affected big corporations such as IBM, Cognizant, and Deloitte. It impacted many individuals and entities, with approximately 2,667 organizations and 84 million people caught in its digital grip. By July, it was estimated that Clop could have potentially made between $75 million and $100 million from this cyber attack alone.  

Other major incidents in the MOVEit campaign included the breach of the Louisiana Office of Motor Vehicles (up to 6 million Louisiana residents impacted) and the Oregon Driver and Motor Vehicles division of the Oregon Department of Transportation (3.5 million Oregon residents impacted).

This incident is considered one of the most significant data breaches in recent memory, impacting people across different industries, and underscores the importance of a secure document management system.

‍

4: The Breach of US Government Email Accounts by Chinese State Hackers

Microsoft revealed that a Chinese-state advanced persistent threat (APT) actor, Storm-0558, infiltrated email accounts across multiple US government agencies. This digital security breach remained undetected for over a month until Microsoft intervened. Storm-0558 used forged authentication tokens to gain access to enterprise mail, exposing data from 25 organizations and related personal email accounts.

Microsoft's real-time investigation, sparked by customer reporting on June 16, showed that Storm-0558 focused on espionage to collect intelligence. The attack exploited a validation issue that allowed hackers to impersonate Azure Active Directory users, highlighting the evolving tactics of cyber adversaries and emphasizing the continual efforts needed to safeguard against complex vulnerabilities in the ever-changing cybersecurity landscape.

This is not the first time Microsoft has encountered coordinated cyber espionage campaigns by the Chinese state. In May 2023, they collaborated with international counterparts to expose an APT actor, Volt Typhoon, which targeted critical national infrastructure. The escalation in tactics employed by Chinese cyber espionage, moving from broad campaigns to stealthy maneuvers, poses a challenge to cloud security and wider network risk that requires ongoing vigilance and innovation in defense strategies.

‍

5: The Pentagon Leaks

The Pentagon leaks, orchestrated by a 21-year-old Massachusetts Air National Guard member, Jack Teixeira, stand as a stark reminder of the persistent threat insiders pose. 

Teixeira leaked highly sensitive military documents, which eventually found their way into the hands of Russians tracking the war in Ukraine. The leaked documents include classified information on Ukraine's armed forces, details of spying operations against allied governments, and assessments of US spy satellites. 

Teixeira's actions could be far-reaching, affecting Ukraine's war strategy and straining US relationships with its allies. The incident underscores the importance of addressing insider risks in military and government organizations and across all sectors. The breach also raises questions about internal security policies, as Teixeira could print out and take top-secret documents home, demonstrating serious lapses in enforcement. 

Organizations are urged to evaluate and strengthen their plans to mitigate insider threats, protect sensitive information, and consider document management strategies, such as disappearing documents and end-to-end encryption, that strengthen data security.

‍

‍Common 2023 Cyber Security Themes

While each of these attacks presents novel challenges and unique circumstances, there are some common themes that businesses and governments should be aware of as we move into 2025.

One key commonality between all these cyber incidents has been the need to secure data and documentation, even against insider threats. Enterprise-level solutions, such as MOVEit and Microsoft, still contain weaknesses that criminals are able to exploit, and their size is no guarantee of security. 

Instead, government branches and large businesses must look to prioritize documentation management as their 2025 strategy, seeking solutions like Inkit, which include document retention and management features, encryption as standard, and zero trust architecture.

Failure to comply with document requirements can have serious consequences. These can include legal fines, damage to your reputation, and disruption of your operations.

— Is your organization compliant?
Learn More about Document Requirements

Final Thoughts

Looking back at the cybersecurity events of 2023, it's clear that the online landscape is more challenging than ever before.

It's crucial to learn from these events and take steps to strengthen our digital defenses in 2025. This includes developing comprehensive cybersecurity strategies, leveraging advanced technologies like AI, and addressing internal risks in the hybrid workplace. By staying vigilant, implementing robust security measures, and promoting a culture of cybersecurity, we can create a safer digital future. 

To learn more about how Inkit can help you safeguard your organization’s documentation, contact us now.

“Inkit’s steadfast prioritization on data security, providing the best possible variable costs, and having a rockstar support team has made this partnership exceptional.”
— Aaron Williams, Head of Asana for Nonprofits
Learn More About DocGen at Inkit
airforce logo
“The assurance of data security is mission-critical to our everyday operations. The Inkit platform has provided us the single, all-inclusive solution we needed to maintain control and privacy over our information.”
Learn More About DocGen at Inkit
Black vital logo
“Using Inkit’s on-demand document generation and retention policies has proven to be highly successful for us. We’re using the API to generate application and adverse action notices. The platform provides us development and cost savings over implementing a custom solution.”
— Ed Cody, COO at Vital Card
Learn More About DocGen at Inkit
Black bird logo
“Inkit has enabled us to streamline our back office and collections, reducing program spend by up to 94%, while maintaining the flexibility to integrate with our existing apps and tools.”
— Jordan Hill, Product Manager at Bird Global
Learn More About DocGen at Inkit

Trusted by Those Who Put Privacy First

Experience the leading secure document generation platform. See Inkit in action.

Book a Demo

All-in-One Solution for DocGen

Automate your document generation with Inkit. Get unparalleled control, security, and end-to-end encryption to help you scale.

Book a Demo

Records Retention & Archival on Auto-Pilot

Automate records retention compliance, safeguard documents, and destroy files based on your organization’s policies.

Book a Demo

End-to-End Encryption

Get peace of mind with our zero-access security to safeguard your private information.

Book a Demo

Easy & Secure Digital Signatures

Streamline your agreement process with Inkit. Create custom workflows to request and collect digital signatures.

Book a Demo
Book a Demo with Inkit
Book a Demo with Inkit

FAQs

Why is cybersecurity so critical for businesses and governments today?

Cybersecurity is essential as digital operations increase and data breaches become more sophisticated. Protecting sensitive data from unauthorized access and attacks helps prevent significant financial and reputational losses.

What was the purpose of the new US National Cybersecurity Strategy introduced in 2023?

The strategy aims to protect the nation's digital infrastructure, promote secure technology development, and hold tech companies accountable. Its five pillars address current and future cyber threats, encouraging resilience across industries.

What lessons can businesses learn from the MOVEit attacks?

The MOVEit attacks highlighted the importance of proactive security, particularly in managing file transfer systems. Businesses should regularly assess vulnerabilities, ensure encryption, and implement secure document management to reduce data breach risks.

How did insider threats impact cybersecurity in 2023, as seen in the Pentagon leaks?

The Pentagon leaks underscored the dangers of insider threats, which can be as damaging as external attacks. Organizations must prioritize secure document access controls and audit trails to reduce risks from within.

What steps can organizations take to protect against state-sponsored cyber espionage?

To defend against sophisticated espionage campaigns, organizations should use advanced security measures like end-to-end encryption, multi-factor authentication, and regular system audits. Collaborating with cybersecurity partners can also help detect and counteract threats efficiently.

Spotlight Picks

Insights, strategies, and stories shaping the future of your industry.

Upcoming Webinars you Won't Want to Miss

Dive Deeper into the topics shaping cybersecurity and compliance in 2025. Join our experts for actionable insights and live Q&A sessions.

RELATED ARTICLES
Best Secure Document Sharing Tools for 2025
Read
Is iCloud Secure for Documents?
Read
Fortifying National Security: Zero Trust in the US Military and its Impact on Document Generation
Read
Up Next
github iconlinkedin iconfacebook iconX icon
February 28, 2025

February Insights: The Rules are Changing. No More Do-Overs

AI risks, regulatory crackdowns, and Zero Trust shifts—2025 leaves no room for error. Stay ahead of breaches, data laws, and compliance changes.
Industry Deep Dives
January 17, 2025

January Insights: Your 2025 Survival Guide

2025 begins with AI threats, Zero Trust strategies, and evolving cyber risks. Equip yourself with insights and tools to lead confidently this year.
Industry Deep Dives
December 31, 2024

December Insights: Lessons From 2024

Lessons from 2024: AI-driven threats and quantum shifts reshaped cybersecurity. Stay ahead in 2025 with strategies for leaders like you.
Industry Deep Dives
Inkit logo
Secure Document Generation (SDG)
github iconlinkedin iconfacebook iconX icon
Platform
DocGen
Records Management
Workflows
Digital Signature
Company
Contact Us
Careers
Media Kit
Solutions
Financial Services
Government
Healthcare
Utilities
Document Streaming
Developers
Documentation
APIs
Libraries & SDKs
API Status
API Changelog
Resources
Insights
Encryption
Salesforce
DocRetention
Downloads

© Inkit Inc. All rights reserved.

Terms
Privacy
Legal
Site Map
Accessibility
We use cookies to enhance your browsing experience, serve personalized ads and content, and analyze our traffic. By clicking “Accept”, you agree to the use of cookies as detailed in our Privacy Policy and Cookie Policy.
PreferencesDenyAccept
Privacy Preference Center
When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.
Reject all cookiesAllow all cookies
Manage Consent Preferences by Category
Essential
Always Active
These items are required to enable basic website functionality.
Marketing
These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.
Personalization
These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.
Analytics
These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.
Confirm my preferences and close