Here, our Cyber Intelligence team takes a critical look at the major cyber trends that had a remarkable impact in the month of July, 2023. This section tries to connect the dots between security incidents, data breaches, cyber attacks, tech developments, emerging threats, and all other cyber incidents that happened on July 2023.
The month of July, 2023 was a busy one in the cyberworld. We saw a number of interesting trends emerge with unimaginable impacts. From mind-bending advancements in quantum encryption, jaw-dropping AI-powered threat detection, to the loss of a cybersecurity legend, Kevin Mitnick – July 2023 was a month that redefined the boundaries of cybersecurity.
We hope this helps you make better security decisions in the coming months!
Cyber Trends of July, 2023
Let’s take a look at these trends and how we can protect ourselves as citizens of a vast digital galaxy.
Rise of Ransomware Attacks: Ransomware attacks were on the rise in July, with a number of high-profile organizations being targeted. Here are some notable examples:
- On July 4, InfoSecurity Magazine reported that thirty-three US hospitals were hit by a massive ransomware attack in the first half of 2023. Fun fact: 84% of these cases involved data exfiltration as against 64% the previous year.
- On July 5, The Maritime Executive reported a ransomware attack on Japan’s Nagoya Port, disrupting activities in the Port. The attack was allegedly linked to the Pro-Russian group, Lockbit 3.0.
- On July 12, The Record reported a chilling cyber attack on Tampa Bay Zoo – allegedly perpetrated by the Royal Ransomware Gang.
- On July 13, The Hacker News reported the use of Picasso Malware in ongoing attacks on Ukraine and Poland.
- On July 21, Cyware reported a 174% rise in Mallox ransomware attacks, a strain that targets Microsoft Windows systems, and a smishing campaign linked to SpyNote malware against Japanese Android users.
- On July 27, Recorded Future reported that BlueBravo, a Pro-Russian group, adapted to target diplomatic entities with GraphicalProton Malware.
- On July 28, SC Media reported the spread of Mirai botnet attacks by unpatched Apache servers. Also, InfoSecurity Magazine reported a series of crypto heists by North Korean hackers, Lazarus Group. The attacks deployed hacking and ransomware tactics leading to the loss of $100m by the crypto firm, CoinsPaid.
Growing threat of IoT attacks due to flaws/vulnerabilities: The number of IoT attacks also increased in July, 2023 as hackers targeted vulnerable IoT devices. Here are some notable examples:
- On July 1, The Hacker News reported an unpatched WordPress plugin exploited by hackers to create secret admin accounts.
- On July 7, The Hacker News reported a critical unauthenticated SQLi flaw in MOVEit software. The identified SQL injection vulnerability, CVE-2023-36934, “could potentially allow unauthenticated attackers to gain unauthorized access to the MOVEit Transfer database.”
- On July 10, The Financial Times reported a $20m loss due to a compromised flaw linked to Revolut’s payment systems.
- On July 13, Cybersecurity News reported a critical Fortinet flaw that allows a remote attacker to execute arbitrary code. On the same day, The Hacker News reported some newly disclosed vulnerabilities in the SonicWall network security product. Also, a report by Security Week revealed that an API flaw in QuickBox SDK exposed PII of millions of users.
- On July 21, PokeStars reported a data breach linked to a MOVEit transfer flaw. Cybersecurity News also reported that hackers exploited a critical Citrix Netscaler Zero-Day flaw to deploy webshells.
- On July 28, CyberSecurity News reported that hackers are exploiting a Windows Search Feature to execute malware on infected systems. On the same date, Cyber News reported that Deloitte, a BIG Four firm, joined the list of MOVEit victims.
Rise of Emerging AI Bad Guys: July 2023 had a lot of tech developments making waves with some really interesting cybersecurity impacts. Here are some notable examples:
- On July 15, The Hacker News published a report backed by SlashNext’s recent findings about WormGPT, a new generative AI phishing tool that allows cybercriminals to launch sophisticated “human-like” cyber attacks.
- On July 21, a Security Week report revealed that Google has created a Red Team in charge of testing attacks targeted at AI systems.
- On July 26, The Hacker News reported that a new AI tool tailored for even more sophisticated attacks has emerged, with a mind-bending brand name – FraudGPT.
Regulatory bodies make new moves: As cybercriminals continue to wage war against IT infrastructures, some regulatory bodies have taken the initiative to make the digital galaxy a safe haven for everyone.
Here are some examples of such initiatives:
- On July 13, InfoSecurity Magazine reported that the Forum of Incident Response and Security Teams (FIRST) have released a new Common Vulnerability Scoring System (CVSS) version. On the same date, the White House published a plan for the implementation of the US National Cybersecurity Strategy which was introduced in March 2023.
- On July 18, CNBC reported that the US government blacklisted Intellexa and Cytrox for building Meta, iOS, and Android spywares.
- On July 27, The Hacker News reported that the US Securities Exchange Commission (SEC) approved new rules that require US companies to reveal cyber attacks within 4 days.
- On July 26, The Record published a report which revealed the Cybersecurity and Infrastructure Security Agency (CISA) is set to establish a network of regional election advisers for 2024 to reduce both physical and cyber risks.
Notable cybersecurity platform launch: July also welcomed the release of various cybersecurity platforms. Here are some examples:
- On July 7, CSO reported the release of HackGATE by Hackrate, an ethical monitoring platform.
- On July 14, Cybersecurity News reported the release of WireShark 4.0.7 by WireShark Foundation.
- On July 21, InfoSecurity Magazine reported the release of generative AI “Guardrails” dubbed PromptGuard by Plurilock.
Increase in the use of social engineering tactics: Social engineering attacks, such as phishing and business email compromise, were also on the rise in July. Here’s a notable example:
- On July 13, The Hacker News reported an email compromise incident involving US Government Agencies – a cyberattack linked to China.
Conclusion
July 2023 graced the digital landscape with lots of interesting cyber trends. The rise in ransomware attacks was likely due to the increasing value of data, as well as the growing sophistication of ransomware groups. Emerging AI bad guys are increasingly gaining popularity because of their “human-like” capabilities.
Also, the increasing use of social engineering attacks was likely because they are relatively easy to carry out and can be very effective. Finally, the growing threat of IoT attacks was likely due to the increasing number of IoT devices that are connected to the internet.
Plan to secure your organization. Start now.
See you next month!