Key risk management lessons from the top ten cyber attacks in 2023

Against a backdrop of rising geopolitical tension and growing cyber-criminal activity, Tokio Marine HCC International has compiled its list of the top 10 2023 cyber incidents in terms of financial impact and reputational damage.

For the second year in a row, a nation-state attack is prominently featured on the list, with multiple significant cyber-attacks being launched by Hamas and its allies against Israel at the start of the conflict in the middle east.

A large DDoS attack was detected against websites that provided critical information to civilians on rocket attacks, and criminal group AnonGhost also exploited a vulnerability in a mobile app that alerts Israeli civilians, most notably allowing them to intercept requests and send fake alerts.

In line with a growing presence of ransomware attacks, this attack vector featured heavily, making up four of the 10 spots on the list. Data breaches were the second most common type of attack, appearing three times.

The report also features the largest DDoS attack ever recorded – a failed attack on Google which peaked at 398 million requests per second.

Key lessons from the breaches

Isaac Guasch, cyber security leader at Tokio Marine HCC and one of the authors of the report, warned that businesses must stay vigilant as criminal organisations such as LockBit continue to commercialise the cyber industry, particularly in relation to ransomware. 

He said: “Ransomware has proven to be one of the most profitable and effective attack vectors for the gangs to utilise, hence it’s prevalence in recent years. With the advent of new technologies to enable more effective attacks, this upwards trend is only going to accelerate.

“Nation-state cyber-attacks are now an important part of military aggression, working in tandem with real-world forces to neutralise defensive capabilities… In the years to come, it is likely we will see these types of attacks continue to dominate the cyber security landscape.”

“With the advent of new technologies to enable more effective attacks, this upwards trend is only going to accelerate.”

In terms of the regulatory landscape, the report highlights that 2022 introduced many new IT or cyber-related regulations, most notably DORA and CIRCIA.

However, the authors add that 2023 has been even more trasnformational with the addition of two changes which will need to be carefully monitored and implemented by risk managers.

These are the new US SEC (Securities and Exchange Commission) rules around cybersecurity risk management, strategy, governance and incident disclosure; and the new EU artificial intelligence act.

How to tackle evolving cyber threats

The advent of AI solutions has led to an increase in sophisticated cyber-attacks.

However, the reports authors believe that these new tools will also form an essential part of cybersecurity, particularly as businesses look to make up for the lack of skilled cyber professionals globally.

The Microsoft Security Copilot is one solution mentioned within the report, which combines large language models, security-specific skills and global threat intelligence to enhance incident detection, response speed and overall security stance.

“By leveraging these new tools, businesses will also be able to bring about new innovative cybersecurity solutions”

Although AI has already been present in cybersecurity tools as part of “Big Data” capabilities, generative AI has opened the door to a whole host of new possibilities for cyber criminals and professionals alike.

Guasch said: “As is already frequently discussed, artificial intelligence (AI) is going from strength to strength. In an already highly dynamic industry, cybersecurity specialists are going to experience new waves of innovative attacks made possible through generative AI.

“However, by leveraging these new tools, businesses will also be able to bring about new innovative cybersecurity solutions, leading to a potential arms race between criminal gangs and those trying to stop them.”