Just ten groups were responsible for nearly half of all cyberattacks last year

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)

Nearly half (44%) of all cyber incidents in 2023 were masterminded by only ten threat actors, new research has claimed.

A report from SecurityScorecard also found where most threats originate and which industries are in most danger, as well as a link between cyber risk and GDP.

Another trend that has arisen is the targeting of supply chains, which puts many organizations at risk and makes defending against such attacks even more complicated. SecurityScorecard found that 98% of organizations use compromised third party software.


Reader Offer: Save up to 68% on Aura identity theft protection

Reader Offer: Save up to 68% on Aura identity theft protection
TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal. Save up to 50% today. 

 Preferred partner (What does this mean?) 

Among the ten most prominent threat actors are the Russian-backed АРТ28 group, who were behind cyberattacks on Ukrainian infrastructure, and Cobalt Group, who have been targeting financial institutions since 2016.

SecurityScorecard also found that most of the infrastructure used by threat groups last year was concentrated mainly in China (24%) and Russia (15%). However, the threat actors operate globally.

As for targets, the IT and tech industries suffered the most cyberattacks, with critical infrastructure such as telecoms and government institutions close behind. SecurityScorecard believes that targets such as these highlight the importance of collaborating to manage cyber risks, "as these high-risk sectors face and contribute to rapidly increasing cyber risk."

The report also found a "strong correlation" between a country's GDP and their exposure to cyber risks, with SecurityScorecard noting that "a nation's economic prosperity is deeply intertwined with its ability to navigate the complex landscape of cyber threats."

Northern Europe was given the highest cybersecurity score or 82.97, whereas Central Asia had the lowest at 71.73.

SecurityScorecard CEO Dr. Aleksandr Yampolskiy commented on the report that, "progress starts with precise measurement. And until recently, cybersecurity lacked effective measurement... Security Ratings arm global leaders with a universal language to be relentlessly data-driven in managing cybersecurity risk."

He added: "by establishing clear KPIs, we can enhance cyber resilience, ultimately renewing trust in our digital ecosystem."

MORE FROM TECHRADAR PRO

Lewis Maddison
Reviews Writer

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.