In recent times, the cyber security sector has been forced to prioritise overcoming advancing sophisticated threat actors and adversary techniques from ever-changing cyber-attacks and hardened cyber criminals. Within the enterprise cyber security sector, prevention is key, as opposed to trying to remedy the disastrous consequences of a cyber-attack.
The multitude of cyber-attacks seen in recent times range from nation-state espionage campaigns to attackers gaining a gateway to thousands of enterprises through software supply chain vulnerability exploitations. With such unprecedented cyber attacks, the need for enterprise cyber security events and cyber security conferences has never been greater.
These cyber-attacks have resulted in significant real-world impacts, such as:
- Victim organizations experiencing large-scale loss of service
- Subsequent crippling financial costs due to a lack of operating
- Many millions of individuals have had highly sensitive data stolen
- Huge risk of follow-on attacks, due to being left in a vulnerable state
This article, featured in Infosecurity Magazine documents the ten most impactful cyber-attacks of 2023. These have been decided upon based on specific criteria, such as the scale of the incident and its longer-term implications.
1. Royal Mail Faces Huge Financial Loss Following LockBit Attack
In January 2023, it emerged that the UK’s most trusted and used postal service the Royal Mail was hit by a ransomware attack, which resulted in a temporary halt to international deliveries. Vital data was also stolen by the attackers. The Royal Mail refused to pay the £65.7m ($79.85m) demand from the LockBit group, in order to return the stolen data. Needless to say, the postal service revealed it had experienced huge financial costs as a result of the attack, including large revenue losses. As a result of the attack, Royal Mail is said to have spent £10m on ransomware remediation, to prevent such an attack from occurring again in the future.
2. T-Mobile’s enormous Data Breach
International telecoms giant T-Mobile admitted that 37 million customers had their personal and account information accessed by a malicious actor, via an API attack that began on November 25, 2022. Unfortunately, the incident itself was not discovered until January 5, 2023. In a separate incident, T-Mobile USA notified customers of another breach of personal and account data that occurred in February and March 2023. The breaches mean many millions of customers are vulnerable to follow-on fraud attempts. This is something that has had huge financial ramifications for the company, as many potential customers will likely choose an alternative telecom provider in the future.
3. City of Oakland Declares State of Emergency After Ransomware Attack
In February 2023, the administration of the City of Oakland, California, declared a state of emergency as a result of a ransomware attack. The incident shut down many non-emergency services, while government buildings were forced to close temporarily. It was later reported that the hackers stole a decade’s worth of sensitive data from city servers in the attack, including information about employees in sensitive roles such as the police.
4. MOVEit File Transfer Exploitation
The exploitation of a zero-day vulnerability in the popular file transfer software MOVEit is thought to have impacted thousands of organizations; ranging from media sectors to healthcare professions. The flaw was first exploited by the notorious Clop ransomware gang in May 2023. Clop continued to successfully compromise end users’ data, despite a patch being deployed by May 31. The fallout from the attack is believed to have contributed to a record number of ransomware attacks in July 2023.
5. Chinese Espionage Campaign Infiltrates US Government
Microsoft discovered a Chinese cyber-espionage campaign that enabled the Storm-0558 group to gain unprecedented access to customer email accounts from May 15, 2023. This included employees in the US State and Commerce Departments and other crucial US government agencies. To launch the campaign, the attackers compromised a Microsoft engineer’s corporate account, leading to the tech giant being criticised and even accused of negligence by a US lawmaker.
6. UK Electoral Commission Attack Exposes 40 Million Voters’ Data
In August 2023, the UK’s Electoral Commission revealed it had been the victim of a “complex cyber-attack” exposing the personal data of anyone in the UK who was registered to vote between the years 2014 and 2022. Worryingly, the attackers had remained undetected in the systems for 15 months, suggesting they were in search of something beyond quick financial gain. It was later reported that the Electoral Commission had received an automatic failure during a Cyber Essentials audit. This is now known as one of the largest cyber-attacks to ever impact voters and their data.
7. Casinos Taken Down by Cyber-Attacks
In September 2023, hotel and casinos giant MGM Resorts International reported that it had experienced a cyber incident, affecting critical parts of its business for several hours. The attack, perpetrated by the ALPHV/BlackCat ransomware gang, cost the firm more than $100m after they refused to pay the ransom demand. Just days after the MGM incident, another Las Vegas based casino and hotel chain company, Caesars Entertainment, also revealed it had been compromised by ransomware threat actors.
8. Logistics Firm Closes Due to Ransomware Attack
One of the UK’s largest privately owned logistics firms, KNP Logistics Group, was forced into administration in September 2023, following on from a ransomware attack it suffered earlier in the year. Subsequently, the firm will be forced to make over 700 employees redundant, with the business stating that it has been unable to secure urgent investment after the attack occurred. The incident highlights the serious real-world impact that cyber-extortion attacks have on their victims, regardless of the size and status of the person or organisation.
9. 23andMe Suffers Major Data Breach
A DNA testing firm 23andMe confirmed their customers had their profile information accessed by threat actors, following a credential stuffing campaign in October 2023. The threat actor claimed to have 20 million ‘23andMe’ data records in their possession, raising concerns that highly sensitive data, such as ethnicity, could be used against victims. 23andMe later confirmed that over 6 million individuals’ information was accessed from the data breach, further revealing the hackers were able to access a significant number of files containing information about users’ ancestry. Needless to say, those affected would have felt compromised, exposed and incredibly vulnerable going forward.
10. British Library Suffers Damaging Ransomware Incident
One of the world’s largest and most renowned libraries, the British Library in London, was hit by a ransomware attack that took down both their online and onsite services. The library revealed the attack occurred on October 28, later confirming that internal HR data was stolen and leaked alongside user data being hacked and offered for sale on the dark web. The Rhysida ransomware group have claimed responsibility for the attack.
With the ever-growing sophistication of both AI and cyber-criminals, organisations must prioritise educating everyone involved in the daily running of the need for robust, thorough cyber security. Preventing such catastrophic breeches must be prioritised in order to prevent future occurrences.