Sophos 2023 Threat Report
Defending against the new malware “as-a-service” global economy
The gloves came off in 2022. While Russia-based threat actor groups spread misinformation and launched multiple cyberattacks against Ukraine, China-based (and likely sponsored) threat actor groups attacked hardware security products made by nearly every company in the cybersecurity and infrastructure industries.
During this time, the cybercriminal economy has increasingly transformed into an industry. Information technology companies have shifted to “as-a-service” offerings, and the cybercrime ecosystem has done the same. Access brokers, ransomware, information-stealing malware, malware delivery, and other elements of cybercrime operations have lowered barriers to entry for would-be cybercriminals.
How threat actors offer to rent voice systems to receive calls where victims opt out and speak to a bot, rather than a human
Infrastructure designed to build or manage bulk spamming services through a variety of mechanisms, including SMS and email
Offering access at discount prices for legitimate commercial tools such as Metasploit and Burp Suite to find and exploit vulnerabilities
How Sophos is Keeping Up in 2023
Real-time threat intelligence, Sophos X-Ops threat response specialists, and world-leading AI with deep learning capabilities enable Sophos to continually evolve against criminal activities. The Sophos 2023 Threat Report provides key insights to help organizations and security practitioners defend against new ransomware groups and services designed to launch multiple malware attacks and steal information.
Sophos is a worldwide leader in next-generation cybersecurity and protects more than 500,000 organizations and millions of consumers in more than 150 countries from today’s most advanced cyberthreats. Sophos delivers a broad portfolio of advanced security services and products to protect corporations and individuals against a wide range of cyberattacks.