January 17, 2024

5 of the Most Impactful Cybersecurity Stories of 2023

Information Security

Cybersecurity is crucial in 2024 when businesses and individuals rely on the internet for daily operations. In 2023 alone, we've witnessed several cybersecurity incidents that remind us of the importance of staying ahead of emerging threats. 

In this post, we'll explore the top five cyber security incidents and stories of 2023 and how organizations and business leaders dealt with and learned from them. From the United States National Cybersecurity Strategy to the MOVEit attacks orchestrated by the Clop group, we'll see how even the most technologically advanced companies are susceptible to cyber threats, and how businesses can act to mitigate these threats in 2024.

The Most Impactful Stories in Cyber Security 2023

1: The New US National Cybersecurity Strategy

Cybercrime and cyber insecurity are ranked as the 8th most severe risk in the World Economic Forum's Global Risks Report for 2023, not just in the short term but also over the next decade. 

In March 2023, President Joe Biden introduced the National Cybersecurity Strategy, a comprehensive plan to enhance online security for all. The initiative is part of a broader effort by the Biden administration to improve technology and cyber governance. The strategy aims to hold technology companies accountable, strengthen privacy protections, and promote fair competition within the vast online domain. 

The US government has developed a comprehensive cybersecurity strategy to protect the country's critical infrastructure and combat cyber risks and threats. The strategy has five pillars, each with specific objectives to ensure the security and resiliency of the nation's digital landscape.

2: The Lockbit ‘Cyber Incident’ at Boeing

Boeing, a leading aerospace company, faced a cybersecurity threat in 2023 that affected its parts and distribution business. The incident raised questions about the safety of sensitive data and came to light after the Lockbit cybercrime group issued a ransom threat. Although Boeing confirmed that flight safety was not compromised, the potential exposure of critical data prompted the company to take swift action and collaborate with law enforcement.

Lockbit has a history of targeting organizations worldwide, and despite Boeing's efforts to secure its systems, the extent of data compromise remains unclear. As the company works to manage the incident and coordinate with regulatory authorities, the event highlights the persistent threats that even the most substantial players in the cybersecurity game face. 

This situation highlights how important it is to protect our data from ransomware attacks. We must take proactive steps to defend ourselves and work with law enforcement to stay ahead of potential threats in the digital world.

3: The MOVEit Attacks

This cyber attack involves a group known as Clop, which primarily operates in the Russian-speaking region. Their modus operandi was to exploit a critical vulnerability within Progress' MOVEit file transfer tool to steal data and leak it on their website on the dark web.

The attack against MOVEit commenced in May 2023, and instead of encrypting the files, Clop threatened to publish the stolen data on the internet if the victim companies didn't pay them. This is an unconventional approach, as most hackers resort to encryption and demand a ransom to release the data. 

This attack affected big corporations such as IBM, Cognizant, and Deloitte. It impacted many individuals and entities, with approximately 2,667 organizations and 84 million people caught in its digital grip. By July, it was estimated that Clop could have potentially made between $75 million and $100 million from this cyber attack alone.  

Other major incidents in the MOVEit campaign included the breach of the Louisiana Office of Motor Vehicles (up to 6 million Louisiana residents impacted) and the Oregon Driver and Motor Vehicles division of the Oregon Department of Transportation (3.5 million Oregon residents impacted).

This incident is considered one of the most significant data breaches in recent memory, impacting people across different industries, and underscores the importance of a secure document management system.

4: The Breach of US Government Email Accounts by Chinese State Hackers

Microsoft revealed that a Chinese-state advanced persistent threat (APT) actor, Storm-0558, infiltrated email accounts across multiple US government agencies. This digital security breach remained undetected for over a month until Microsoft intervened. Storm-0558 used forged authentication tokens to gain access to enterprise mail, exposing data from 25 organizations and related personal email accounts.

Microsoft's real-time investigation, sparked by customer reporting on June 16, showed that Storm-0558 focused on espionage to collect intelligence. The attack exploited a validation issue that allowed hackers to impersonate Azure Active Directory users, highlighting the evolving tactics of cyber adversaries and emphasizing the continual efforts needed to safeguard against complex vulnerabilities in the ever-changing cybersecurity landscape.

This is not the first time Microsoft has encountered coordinated cyber espionage campaigns by the Chinese state. In May 2023, they collaborated with international counterparts to expose an APT actor, Volt Typhoon, which targeted critical national infrastructure. The escalation in tactics employed by Chinese cyber espionage, moving from broad campaigns to stealthy maneuvers, poses a challenge to cloud security and wider network risk that requires ongoing vigilance and innovation in defense strategies.

5: The Pentagon Leaks

The Pentagon leaks, orchestrated by a 21-year-old Massachusetts Air National Guard member, Jack Teixeira, stand as a stark reminder of the persistent threat insiders pose. 

Teixeira leaked highly sensitive military documents, which eventually found their way into the hands of Russians tracking the war in Ukraine. The leaked documents include classified information on Ukraine's armed forces, details of spying operations against allied governments, and assessments of US spy satellites. 

Teixeira's actions could be far-reaching, affecting Ukraine's war strategy and straining US relationships with its allies. The incident underscores the importance of addressing insider risks in military and government organizations and across all sectors. The breach also raises questions about internal security policies, as Teixeira could print out and take top-secret documents home, demonstrating serious lapses in enforcement. 

Organizations are urged to evaluate and strengthen their plans to mitigate insider threats, protect sensitive information, and consider document management strategies, such as disappearing documents and end-to-end encryption, that strengthen data security.

Common 2023 Cyber Security Themes

While each of these attacks presents novel challenges and unique circumstances, there are some common themes that businesses and governments should be aware of as we move into 2024.

One key commonality between all these cyber incidents has been the need to secure data and documentation, even against insider threats. Enterprise-level solutions, such as MOVEit and Microsoft, still contain weaknesses that criminals are able to exploit, and their size is no guarantee of security. 

Instead, government branches and large businesses must look to prioritize documentation management as their 2024 strategy, seeking solutions like Inkit, which include document retention and management features, encryption as standard, and zero trust architecture.

Final Thoughts

Looking back at the cybersecurity events of 2023, it's clear that the online landscape is more challenging than ever before.

It's crucial to learn from these events and take steps to strengthen our digital defenses in 2024. This includes developing comprehensive cybersecurity strategies, leveraging advanced technologies like AI, and addressing internal risks in the hybrid workplace. By staying vigilant, implementing robust security measures, and promoting a culture of cybersecurity, we can create a safer digital future. 

To learn more about how Inkit can help you safeguard your organization’s documentation, contact us now.

Trusted by Those Who Put Privacy First

See Inkit in Action
Startups now receive up to one year of complimentary access to Inkit.