Exploits, Botnets, and Malware Surge in Q1 2023

For years, we’ve heard about the threat of cyber attacks and the grave risks they pose to today's increasingly digital landscape. The problem with sophisticated hackers is that they can exploit vulnerabilities in systems and perform data breaches, ransomware attacks and identity theft that ruin a business’s credibility or do significant harm to individuals. And as we rely more and more on technology, these threats continue to grow.

A new report from Nuspire that looks at the current landscape shows no slowing of these threats, either.

The Q1 2023 Cyber Threat Report examines threat data as well as specific tactics, techniques and procedures (TTPs) and found that not only are threats still happening, but there are also new phishing tactics happening that look for clever new ways to infiltrate systems. Specifically, there were elevated activity levels across all three types of threats the MSSP monitors: malware, botnets and exploits.

The report found the following alarming trends in cyber threats during Q1 2023:

• Exploit activity skyrocketed by over 150%, primarily driven by brute forcing and the exploitation of Apache Log4j vulnerabilities.
   
• Malware surged by nearly 40%, with JavaScript and Microsoft variants being the most prevalent.
   
• Botnets witnessed a significant 60% increase, with NetSupport RAT and FatalRAT emerging as prominent threats.

J.R. Cunningham, Chief Security Officer at Nuspire offered an example of an increased threat they observed: "One example is Microsoft. When the company blocked macros in Word and Excel files, phishing activity shifted to OneNote as a delivery system for embedding malicious scripts. Qakbot malware, along with malware families such as AsyncRAT, XWorm, QuasarRAT and Formbook, are all popular users of this new tactic."

"The continued upward trajectory of cyber threat volume combined with the velocity of change in tactics, techniques and procedures has created perhaps the most challenging threat landscape we've ever experienced," said Craig Robinson, Research Vice President for Security Services at IDC.

In order to help slow the threats posed by these tactics, Robinson advises that businesses have “not only have the right technologies in place to monitor, detect and respond, but also have targeted threat intelligence to zero in on the threats that matter most to the health of your organization."