Exploits, Botnets, and Malware Surge in Q1 2023

Exploits, Botnets, and Malware Surge in Q1 2023

By Stefania Viscusi

For years, we’ve heard about the threat of cyber attacks and the grave risks they pose to today's increasingly digital landscape. The problem with sophisticated hackers is that they can exploit vulnerabilities in systems and perform data breaches, ransomware attacks and identity theft that ruin a business’s credibility or do significant harm to individuals. And as we rely more and more on technology, these threats continue to grow.

A new report from Nuspire that looks at the current landscape shows no slowing of these threats, either.

The Q1 2023 Cyber Threat Report examines threat data as well as specific tactics, techniques and procedures (TTPs) and found that not only are threats still happening, but there are also new phishing tactics happening that look for clever new ways to infiltrate systems. Specifically, there were elevated activity levels across all three types of threats the MSSP monitors: malware, botnets and exploits.

The report found the following alarming trends in cyber threats during Q1 2023:

  • Exploit activity skyrocketed by over 150%, primarily driven by brute forcing and the exploitation of Apache Log4j vulnerabilities.
  • Malware surged by nearly 40%, with JavaScript and Microsoft variants being the most prevalent.
  • Botnets witnessed a significant 60% increase, with NetSupport RAT and FatalRAT emerging as prominent threats.

J.R. Cunningham, Chief Security Officer at Nuspire offered an example of an increased threat they observed: "One example is Microsoft. When the company blocked macros in Word and Excel files, phishing activity shifted to OneNote as a delivery system for embedding malicious scripts. Qakbot malware, along with malware families such as AsyncRAT, XWorm, QuasarRAT and Formbook, are all popular users of this new tactic."

"The continued upward trajectory of cyber threat volume combined with the velocity of change in tactics, techniques and procedures has created perhaps the most challenging threat landscape we've ever experienced," said Craig Robinson, Research Vice President for Security Services at IDC.

In order to help slow the threats posed by these tactics, Robinson advises that businesses have “not only have the right technologies in place to monitor, detect and respond, but also have targeted threat intelligence to zero in on the threats that matter most to the health of your organization."

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Related Articles

ICYMI: From the MSP Market

By: Greg Tavarez    4/19/2024

Partnerships and product enhancements are on track to make waves in the MSP market.

Read More

Telesystem Launches #HackersSuck Cybersecurity Bundle

By: Greg Tavarez    4/19/2024

Telesystem shakes up the cybersecurity landscape with the launch of its #HackersSuck product bundles.

Read More

ExtraHop Prioritizes Customer Success with New Partner Program

By: Greg Tavarez    4/18/2024

ExtraHop launched its new partner program to create maximum value and opportunity for partners modernizing security infrastructures.

Read More

Cyware Makes Strategic Hire to Fuel Channel-First Strategy

By: Greg Tavarez    4/17/2024

Cyware recently appointed Stephan Tallent as the new Head of Managed Security Service Providers Program.

Read More

Guardians Upgrade Network with Windstream, Targeting Digital Edge

By: Greg Tavarez    4/16/2024

The Cleveland Guardians selected Windstream's services to bolster their IT performance, so it can use today's data-intensive sports applications witho…

Read More