Alexey Parfentyev named two factors as the main trends in 2023

[tanjimajuha20]

New trends 2023
71% of the compromised data dates back to the current year. At the same time, more than half (55%) of the studied databases became public within a month after the supposed date of unloading from the affected company. Exactly two-thirds of the databases were posted by the attackers on Telegram. According to Igor Fitz, an analyst at Kaspersky Digital Footprint Intelligence, the popularity of this resource began to grow rapidly in March 2023, when the popular Breached forum, where hackers usually posted the data they stole, was closed.

Most often, messages posted italy whatsapp number database on specialized platforms indicated leaks from organizations in the retail, financial, career and education sectors, as well as from Internet services and IT companies. The most significant increase in public incidents related to information leaks in 2023 occurred in the financial, IT and medical sectors. According to Igor Fitz, a significant increase in leaks of sensitive medical data could become a source of great danger - in particular, the emergence of new fraudulent schemes, including targeted ones.

in terms of leaks - the acceleration of digitalization and the costs of import substitution: "The increase in the number of leaks is primarily due to the accelerated pace of digitalization. And this trend does not change from year to year. Information around the world is becoming digital, more and more new data storage facilities are appearing, which give rise to additional threats of personal data leaks. For example, in government organizations, in 80.3% of cases, the main channels of leaks were Internet resources - cloud storage, file-sharing services, social networks. Another trend was added in the outgoing year - import substitution. If a clear deadline for migration to domestic software is set for government agencies, then for private businesses, including large ones, there have been no requirements for the implementation of domestic products in recent years. And this process of "moving" is now becoming very painful for many companies. And if a company cannot update the operating system, which patches security problems, accordingly, the threats of data leaks multiply every day."

Nikita Leokumovich, Head of Response and Digital Forensics at Angara Security, points out the significant increase in supply chain attacks in 2023: "The main hacking methods and reasons for subsequent information leaks are phishing attacks on employees and clients, exploitation of vulnerabilities in digital services and client platforms, and hacking through subsidiaries, contractors, and subcontractors involved in IT development. For example, in the first half of 2023, the share of such hacks through third companies (along the supply chain) increased by 30% compared to 2022. At the same time, contractors often gain remote access to critical infrastructure, the information security of these companies is not regulated, they are not subject to the requirements of GosSOPKA and often FSTEC."

"A significant portion of leaks in 2023 occurred as a result of exploiting vulnerabilities in the website development and management system. Attackers can use compromised accounts to gain access to corporate resources of victim companies. We recommend that businesses develop a plan in advance to respond to a cyberattack or publication of stolen data in order to reduce damage in the event of an incident, as well as regularly conduct training for employees to im