Worst Cyberattacks of 2023 Explained

Contents show

Now that the year is drawing to a close, we can reflect on all the events we experienced and take a few important lessons with us into the New Year. The rate of cybercrime continues to rise, so it can be useful to evaluate the causes and effects of some of the year’s biggest cyberattacks, so individuals and businesses alike can make smarter, safer choices that improve their security in the coming months and help them avoid becoming victims of whatever devastating attacks will come next.

Royal Mail Ransomware Attack

As early as November 2022, cybersecurity experts identified evidence of the Emotet malware on Royal Mail servers, but it wasn’t until January 2023 that a full-on ransomware attack was launched by cybercriminals. Using the LockBit ransomware, which is sold on the dark web as-a-service, cyberattackers used a Royal Mail distribution center near Belfast, Northern Ireland to print their demands, which involved ransom payments for the safe return and non-release of the agency’s data.

Initially, the Royal Mail advised citizens to use alternative carriers while the ransomware attack was resolved, and because the Royal Mail is considered part of the U.K.’s Critical National Infrastructure, it was able to involve the National Cyber Security Centre and remove the malware relatively quickly, restoring all services by February 6.

The important lesson of this cyberattack is the deployment of Ransomware-as-a-Service. This system allows inexperienced cybercriminals to launch effective attacks on major organizations without the effort of building an attack tool or developing an understanding of different protections. RaaS has grown significantly over 2023 and will likely continue to be a problem for businesses and personal users alike in 2024.

Federal Aviation Administration Incident

On January 11, 2023, the Federal Aviation Administration grounded all flights because a critical FAA system was experiencing issues which could have put the planes and their passengers in peril if ignored. As one might expect, the disruption was significant; flights continued to be delayed for days as airlines struggled to regain some semblance of a regular schedule. To address concerns about the event, Secretary of Transportation Pete Buttigieg suggested that the issues with the critical system arose as a result of a cyberattack — but to date, there has been no clear evidence that a cyberattack ever occurred. Though this event didn’t technically involve cybercrime, it does effectively demonstrate the potential devastating ramifications of cyberattacks and convinced many government agencies to reevaluate their current cybersecurity measures.

GoAnywhere Attacks

Not even cybersecurity companies are safe from cyberattacks, as a February 2023 attack on Fortra’s GoAnywhere file transfer system demonstrated. The cybersecurity firm identified a zero-day vulnerability in the platform, which allowed attackers to remotely execute code and effectively infiltrate dozens of large organizations and government agencies. Among those hit include the healthcare benefits firm NationsBenefits, the City of Toronto, data security firm Rubrik, the Crown Resorts and Procter & Gamble. Unfortunately, into April, the exploit was not fully resolved, and customers who maintained on-premises deployments of the software maintained an increased risk of additional cyberattack.

Kid Security Data Breach

Many parents use security tools to monitor their children’s online activity and prevent their little ones from navigating to some unsavory corners of the web. One such tool is called Kid Security, which could also be used on mobile devices to track a child’s location. Unfortunately, in November, the app suffered a few misconfigurations that allowed more than 300 million of its data records to be exposed to the internet for more than a month. Exposed data included phone numbers, email addresses and a few payment card numbers.

Though sometimes data exposures can occur without notice by cybercriminals, in this instance, the data was almost certainly accessed. Criminals left behind a crude ransom note with a Bitcoin wallet address, but because they did not effectively destroy the data left behind, there was no reason for Kid Security to engage with the criminals’ demands.

More and more children are producing data at younger and younger ages, and it is the responsibility of their parents to choose applications that will work harder to keep that data totally secure. Yet, because even diligent and attentive parents cannot predict which digital apps and services will suffer attacks and exposures, they should equip all their home devices with premium internet security services.

There were far too many cyberattacks to detail all of them here, but some of the worst certainly teach valuable lessons about the present and future of cybercrime. By analyzing cyberattacks, we can learn to take the right precautions to stay safer in the months and years ahead.