Over two critical cybersecurity incidents every day in 2023

The frequency of high severity incidents with direct human involvement exceeded two per day in 2023, according to the Kaspersky Managed Detection and Response (MDR) team. In the latest MDR Analyst Report, they observed this trend across all industries with financial, IT, government and industrial sectors topping the list.

The annual Managed Detection and Response (MDR) Analyst Report provides information on reported incidents, their nature and distribution by industry and geographic region. It also highlights the most common tactics, techniques and tools used by attackers in the previous year. These results are based on the analysis of MDR incidents identified by the Kaspersky Security Operations Center (SOC).

According to the report, 22.9% of all detected high severity incidents were recorded in the government sector. IT companies came second (15.4%), followed by financial and industrial companies, which reported 14.9% and 11.8% of incidents respectively.

As for the nature of these incidents, almost 25% of them were caused by humans. Just over 20% involved various types of "digital exercises", which had previously been classified by Kaspersky as targeted attacks, but were classified as "digital exercises" following explicit confirmation by the customer.

The proportion of malware attacks that led to serious consequences decreased slightly in 2023 compared to previous years, accounting for just over 12% of total reported critical incidents. This decrease represents the smallest share of high severity incidents in recent years and can be attributed to the "commoditisation of attacks". This trend reflects the widespread adoption of previously developed tools originally designed to conduct targeted campaigns which, due to deliberate or accidental leaks, have become commonplace. These tools are now being reused in attempts to implement fully automated attack scenarios.

The 2023 MDR report also found that the percentage of incidents involving the detection of targeted attack objects, publicly available critical vulnerabilities and the use of social engineering was around 4-5%.

To strengthen your company's protection against advanced attacks, implement effective cybersecurity solutions and hire skilled professionals to manage them, or adopt managed security services such as Managed Detection and Response (MDR) and Incident Response. These products cover the entire incident management cycle, from threat detection to ongoing protection and remediation. These services will help protect against cyberattacks, investigate incidents and provide additional expertise, even if a company does not have security employees.