Exploits, Botnets, and Malware Surge in Q1 2023

Exploits, Botnets, and Malware Surge in Q1 2023

By Stefania Viscusi

For years, we’ve heard about the threat of cyber attacks and the grave risks they pose to today's increasingly digital landscape. The problem with sophisticated hackers is that they can exploit vulnerabilities in systems and perform data breaches, ransomware attacks and identity theft that ruin a business’s credibility or do significant harm to individuals. And as we rely more and more on technology, these threats continue to grow.

A new report from Nuspire that looks at the current landscape shows no slowing of these threats, either.

The Q1 2023 Cyber Threat Report examines threat data as well as specific tactics, techniques and procedures (TTPs) and found that not only are threats still happening, but there are also new phishing tactics happening that look for clever new ways to infiltrate systems. Specifically, there were elevated activity levels across all three types of threats the MSSP monitors: malware, botnets and exploits.

The report found the following alarming trends in cyber threats during Q1 2023:

  • Exploit activity skyrocketed by over 150%, primarily driven by brute forcing and the exploitation of Apache Log4j vulnerabilities.
  • Malware surged by nearly 40%, with JavaScript and Microsoft variants being the most prevalent.
  • Botnets witnessed a significant 60% increase, with NetSupport RAT and FatalRAT emerging as prominent threats.

J.R. Cunningham, Chief Security Officer at Nuspire offered an example of an increased threat they observed: "One example is Microsoft. When the company blocked macros in Word and Excel files, phishing activity shifted to OneNote as a delivery system for embedding malicious scripts. Qakbot malware, along with malware families such as AsyncRAT, XWorm, QuasarRAT and Formbook, are all popular users of this new tactic."

"The continued upward trajectory of cyber threat volume combined with the velocity of change in tactics, techniques and procedures has created perhaps the most challenging threat landscape we've ever experienced," said Craig Robinson, Research Vice President for Security Services at IDC.

In order to help slow the threats posed by these tactics, Robinson advises that businesses have “not only have the right technologies in place to monitor, detect and respond, but also have targeted threat intelligence to zero in on the threats that matter most to the health of your organization."

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Related Articles

LogMeIn Rescue, to the Rescue: Forrester Studies GoTo's Support Capabilities

By: Alex Passett    9/22/2023

Over a period of three years, a Forrester Total Economic Impact (TEI) study examined the business and financial benefits of LogMeIn Rescue, a flagship…

Read More

Canadian Managed IT Services Gear Up for Cybersecurity Awareness Month

By: Contributing Writer    9/22/2023

October, prominently known as Cybersecurity Awareness Month, is an annual observance and an intensified rally for Canada's premier IT service provider…

Read More

ITEXPO Exhibitor RingLogix Looks to TeamMate to Open New Possibilities for MSPs

By: Greg Tavarez    9/21/2023

The RingLogix and TeamMate collaboration enables MSPs to get the most out of Microsoft Teams as a collaboration solution.

Read More

Acronis Introduces Advanced Automation for MSPs

By: Stefania Viscusi    9/21/2023

Acronis Advanced Automation addresses a common challenge faced by MSPs, the increasing complexities businesses face with so many different initiatives…

Read More

Comprehensive Cybersecurity Solutions: Rackspace Taps Palo Alto Networks

By: Alex Passett    9/20/2023

Strengthening organizations' abilities to stay ahead of progressively evolving cyber threats and attackers is key. That's why Rackspace Technology has…

Read More