Over 90% of Russian Companies Faced Data Leaks in 2023

The Information Security Center of “Infosystems Jet” has released an analytical report on cyber threats recorded throughout 2023. Experts noted an 11% increase in the total number of cyberattacks compared to the previous year. The majority of incidents were linked to malware infections from visiting malicious websites and phishing attacks.

According to the report, 72% of companies had critical vulnerabilities on their network perimeter, which could serve as entry points for attackers into the company’s infrastructure. More than 90% of the analyzed companies in 2023 experienced leaks of corporate accounts. In 48% of cases, the account was mentioned together with a password, and in 44%—with a hash, which could help attackers compromise the account.

The report also highlights that 93% of companies that ordered external threat monitoring services from “Infosystems Jet” were mentioned on darknet forums and hacker-themed Telegram channels, indicating significant interest from cybercriminals.

Growing Risks from Contractors and Outdated Software

In 2023, the issue of attackers infiltrating through contractor organizations became especially acute. According to experts, the cause of every fifth significant incident investigated was the hacking of an IT contractor.

Additionally, 96% of Russian companies use software versions with critical or high-level vulnerabilities on their external perimeter, all of which have previously been described online as part of “hacking schemes.” The problem is often due to software updates being postponed for various reasons.

“These factors significantly simplify attacks for cybercriminals, reducing the time from reconnaissance to penetration into the victim’s infrastructure, followed by theft and encryption of corporate data,” said the head of monitoring and response expert services at the company.

Industry Response and Future Outlook

“In 2023, the cybersecurity industry faced the need to rethink its strategies and priorities. Companies are forced to actively analyze and control information outside their internal networks to ensure systematic protection of their constantly evolving IT infrastructure. Data leaks and information threats can come from a variety of sources, including trusted partners, so it is critically important to quickly close vulnerabilities, detect, and respond to events that compromise the company,” noted Andrey Yankin, Director of the Information Security Center at “Infosystems Jet.”

Since the beginning of 2023, there has been a systematic increase in the complexity of cyberattacks and their methods: the use of hard-to-detect malware, automation tools, and preparation of attacks using artificial intelligence technologies, as well as multi-stage attack chains through trusted partners. The share of low-skilled hackers, hacktivists, and script kiddies involved in last year’s attacks has significantly decreased, pushing the industry to systematically improve process maturity and employee competencies.

In 2024, analysts expect an increase in the number of complex, multi-stage cyberattacks. They also predict that attackers will continue to actively recruit insiders to gain access to company networks and leak critical data, while companies will focus more on training and improving the skills of their security teams.