CIO Influence
CIO Influence News Security

2023 OpenText Cybersecurity Threat Report Reinforces Need for Multilayered Security Approach

2023 OpenText Cybersecurity Threat Report Reinforces Need for Multilayered Security Approach

OpenText released the results of the 2023 OpenText Cybersecurity Threat Report which explores the latest threats and risks to the small and medium business (SMB) and consumer segments. Powered by the BrightCloud Threat Intelligence Platform, the OpenText Cybersecurity annual report breaks down a broad range of threat activity, offers insight into the trends observed, and discusses wide-reaching impacts for industries, geographies, companies and individuals.

Threat actors doubled down on longstanding tactics while demonstrating innovation with new techniques. One notable trend from the past year was a significant increase in concealing the location of URLs hosting malware and phishing sites. The percentage of malicious URLs hidden behind a proxy or geolocation-masking service increased 36% year-over-year (YoY). Meanwhile, online cybersecurity threats continue to emerge at an alarming pace. New malicious websites come online daily, while legitimate sites are occasionally compromised and co-opted for nefarious purposes.

“Cyber bad actors, including nation-state players, continue to be persistent, innovative and effective. There is, however, some encouraging news. A decline in malware infections indicates comprehensive security measures are effective,” said Prentiss Donohue, Executive Vice President, OpenText Cybersecurity. “Cybercriminals are equal opportunity offenders. Acknowledging risks and preparing accordingly with a mulitlayered approach to protecting data are recommended courses of action for businesses of every size.”

CIO INFLUENCE: Datometry Releases Driver Integration for BigQuery, Further Future-Proofing Its Customers’ Investments

Key highlights from this year’s report include:

Malware

  • Malware on endpoint continues to decline 16.7% YoY
  • Rising geopolitical tensions continue to influence malware campaigns
  • Manufacturing remains the #1 targeted industry vertical
  • Analyzing high-risk URLs, on average, each malicious domain hosted 2.9 malware URLs, compared to only 1.9 phishing URLs

Phishing

  • Email phishing is the primary vector for infection followed by remote desktop protocol (RDP); RDP was #1 last year
  • Over 1 billion unwanted emails classified as phishing
  • Spear phishing email traffic increased 16.4% YoY and now accounts for approximately 8.3% of all email traffic
  • 55.5% year-over-year increase in HTTPS vs HTTP phishing attacks

Ransomware

  • Double extortion from data exfiltration is commonplace in campaigns at a rate of 84%
  • Median ransomware payments meteor spike to almost $200k; up from $70k last year
  • Law enforcement crackdowns on ransomware saw some success but have yet to make a large impact on the overall threat ransomware poses

CIO INFLUENCE: Ericsson presents a Green Financing Framework

Infection Rates

  • 28.5% of businesses with 21-100 protected endpoints encountered an infection in 2022
  • For businesses between 1-20 endpoints, the rate is 6.4%
  • For businesses between 101-500 endpoints the rate rose to 58.7%
  • And for 501+ the rate was 85.8%

Geographic Breakdown

  • The top 50,000 most-active malicious IP addresses originated from 164 countries
  • The Netherlands and Germany made it into the top five, along with the US, China and Vietnam

Multi-layered defense

  • 40.3% reduction in the number of devices that encountered malware for users who adopted all three layers of protection — Webroot SecureAnywhere, Webroot Security Awareness Training, and Webroot DNS Protection — versus devices using Webroot SecureAnywhere alone
  • Data confirms, cyber resilience using a layered defense strategy remains the best defense against today’s cybercrime landscape

CIO INFLUENCE: Apprentice Now Joins Amazon Web Services Training Partner Program to Deliver AWS Cloud Skills Training

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Zero Networks and HighPoint Partner to Champion Zero Trust Principles for Network Security

PR Newswire

Nucleus Research Releases 2022 iPaaS Technology Value Matrix

NXP Helps Standardize Next-Generation Security with Post-Quantum Cryptography