The MOVEit breach may well have been the biggest cyberattack of the year

It seems the breach of the file transfer service MOVEit was one of the biggest cyberattacks of 2023 - despite it being a year in which a number of dangerous new trends and tactics emerged. 

A new report from ESET examined the most significant cyber incidents of the second half of 2023, noting that what made the MOVEit breach unique, aside from its widespread impact, was the fact that no ransomware was actually deployed by Cl0p, the gang behind the attack. 

Cl0p also leaked stolen data from victim organizations onto a public website, another case of a new tactic being employed by cybercriminals. This was emulated by the notorious ALPHV/BlackCat ransomware gang, which was also prevalent this year.

In its report, ESET notes that due to the sheer scale of the MOVEit hack, it was likely too much effort for Cl0p to encrypt every victim it captured. ESET cites figures from Emsisoft, which estimates the number of affected organizations after six months to be over 2,600.

Victims ranged from government agencies, schools and healthcare, to major firms like Sony and PricewaterhouseCoopers (PwC).  

Another emerging trend for this year has been the rise of attacks involving AI, not surprising given the boom the technology has experienced in the wake of ChatGPT's public release in November 2022.

Many campaigns have targeted users of AI tools like ChatGPT and have created fake domains resembling 'ChatGPT' in their wording. Such domains include web apps that use OpenAI API keys in an insecure way, threatening users' data privacy.

Also taking this year by storm was the Lumma stealer, which was very successful in stealing crypto wallets. It alone was responsible for a 68% rise in crypto theft this year, accounting for 80% of detections in this sector. The Lumma malware has also been stealing credentials and other information, with the total number of Lumma detections tripling between H1 and H2 2023.  

And the ever-present Magecart threat, which has been hassling retailers since 2015, remains strong - in fact, it has been growing this year. It injects code into insecure websites to steal information from users, such as their credit card details. The number of detections between 2021 and 2023 rose by 343%.

Jiří Kropáč, Director of Threat Detection at ESET, concludes that "these developments show an ever-evolving cybersecurity landscape, with threat actors using a wide range of tactics." With the rise of AI and the constantly evolving tactics of threat actors, it looks as if attacks will only worsen going into next year too.

Lewis Maddison
Reviews Writer
