Cybersecurity Attack Attempts More Than Doubled, Increasing 104% in 2023

Armis Labs data analysis provides possible blueprint for year ahead on where security teams need to prioritize efforts

SAN FRANCISCO--()--Armis, the asset intelligence cybersecurity company, today announced The Anatomy of Cybersecurity: A Dissection of 2023's Attack Landscape. The 2023 analysis of Armis’ proprietary data offers critical insight into the multifaceted challenges global organizations face when it comes to protecting the entire attack surface. Report findings serve as a blueprint to help security teams worldwide prioritize efforts to reduce cyber risk exposure in 2024.

The report found that global attack attempts more than doubled in 2023, increasing 104%. Utilities (over 200% increase) and Manufacturing (165% increase) were the most at risk industries. Attack attempts peaked in July, with communications devices, imaging devices and manufacturing devices experiencing intensified targeting during this period.

Armis found that not only are attack attempts increasing, but cybersecurity blind spots and critical vulnerabilities are worsening, painting prime targets for malicious actors,” said Nadir Izrael, CTO and Co-Founder, Armis. “It’s critical that security teams leverage similar intelligence defensively so that they know where to prioritize efforts and fill these gaps to mitigate risk. We hope that by sharing these insights, global businesses and governments will leverage them to immediately pinpoint what they should be focusing on to improve their cybersecurity posture this year to keep critical infrastructure, economies and society safe and secure.”

Key findings of The Anatomy of Cybersecurity: A Dissection of 2023's Attack Landscape include:

Geopolitical tensions exacerbate the cybersecurity landscape

  • Cyberwarfare grew more widespread in 2023. Top industries exposed to attack from Chinese and Russian actors were those within Manufacturing, Educational Services and Public Administration.
    • In manufacturing, .cn and .ru domains contributed to an average of 30% of monthly attack attempts, while attacks from these domains on Educational Services have risen to about 10% of total attacks.

Legacy technology steepens incline of cybersecurity pros’ existing up-hill battle

  • Older Windows server OS versions (2012 and earlier) are 77% more likely to experience attack attempts compared to newer Windows Server versions.
    • This vulnerability is particularly evident in the server environment, with nearly a quarter of server versions facing end-of-support (EoS) scenarios. The Educational Services industry has a significantly higher percentage of servers (41%) with unpatched weaponized Common Vulnerabilities and Exposures (CVEs), compared to the general average of 10%.
  • Industries still using end-of-life (EoL) or EoS OSs that are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer: Educational Services (18%), Retail (14%), Healthcare (12%), Manufacturing (11%) and Public Administration (10%).

Businesses struggle with effective vulnerability prioritization and remediation

  • There were over 65,000 unique CVEs discovered in 2023.
  • Wearable devices have the highest percentage (93%) of unpatched CVEs.
  • A third of all devices are still not patched for Log4Shell.
  • Patch rates for critical CVEs are not prioritized:
    • Low CVEs: 11% patch rate
    • Medium CVEs: 58% patch rate
    • High CVEs: 64% patch rate
    • Critical CVEs: 55% patch rate
  • Irrespective of the weaponization status of a CVE, organizations consistently grapple with patch rates at 62% for non-weaponized and 61% for weaponized vulnerabilities.

Blueprints like this report are invaluable as they help teams focus limited resources on efforts with the greatest impact and with the insights to tell data-driven stories in justification of cross-team priorities,” said Curtis Simpson, CISO, Armis. “Using hindsight and analyzed data could allow CISOs to focus 2024 efforts on segmenting legacy technology, prioritizing exposures of greatest significance, and utilizing AI-driven technologies that can assist security teams with defending and managing the attack surface in real-time.”

Proprietary data leveraged for this report was mined from Armis’ Asset Intelligence Engine. The Armis Asset Intelligence Engine is a collective AI-powered knowledge base, monitoring billions of assets worldwide, in order to identify cyber risk patterns and behaviors. It feeds the Armis Centrix™ platform with unique, actionable cyber intelligence to detect and address real-time threats across the entire attack surface.

To read the full report, The Anatomy of Cybersecurity: A Dissection of 2023's Attack Landscape, please visit: https://www.armis.com/anatomy-of-cybersecurity

Learn more about The Armis Asset Intelligence Engine here: https://www.armis.com/platform/armis-asset-intelligence-engine/

About Armis

Armis, the asset intelligence cybersecurity company, protects the entire attack surface and manages the organization's cyber risk exposure in real time. In a rapidly evolving, perimeter-less world Armis ensures that organizations continuously see, protect and manage all critical assets. Armis secures Fortune 100, 200 and 500 companies as well as national governments, state and local entities to help keep critical infrastructure, economies and society stay safe and secure 24/7. Armis is a privately held company headquartered in California.

Contacts

Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com

Social Media Profiles

Contacts

Rebecca Cradick
Senior Director, Global Communications
Armis
pr@armis.com