Cyberattacks have been deployed by 168 threat actors against the U.S. in 2023, making it the most targeted country for cybercrime, followed by the UK, Germany, India, and Japan, SiliconAngle reports.
On the other hand, China was the leading source of threat actors, followed by Russia and Iran, all of which were behind almost 50% of all threat operations discovered last year, according to a Forescout report.
Most persistent attacks have been aimed at operational technology, with intrusions primarily targeting the Modbus communication protocol, while the Agent Tesla remote access trojan was the most prevalently utilized malware and Cobalt Strike was the most popular command-and-control server among attackers.
Significant changes in post-exploitation tactics have also been employed by threat operations last year, with the utilization of persistence techniques increasing from only 3% in 2022 to 50% in 2023, suggesting the growing sophistication of cyber intrusions.
Organizations have been urged to strengthen risk and exposure management, network security, and threat and detection response to address growing cybersecurity risks.
Ukraine has been targeted by Russian threat actors in the new Operation Texontodisinformation campaign that also involved spear-phishing and credential exfiltration tactics, according to The Hacker News.
Record high ransomware and data extortion incidents experienced by Western nations last year have prompted former National Security Agency Director Michael Rogers to call for a reevaluation of their cybersecurity defense strategy.