2023 was a big year for cybercrime – here’s how we can make our systems safer
Cybercrime ... 91% of business and cyber leaders surveyed believed geopolitical instability could drive a far-reaching cyber event in the next two years. Image: Unsplash/Ales Nesetril
- In 2023, the Forum's Global Cybersecurity Outlook highlighted that 91% of business and cyber leaders surveyed believed geopolitical instability could drive a far-reaching cyber event in the next two years.
- The year 2023 saw some major cyberattacks, including one on the US State Department.
- The World Economic Forum’s Centre for Cybersecurity drives global action to address cybersecurity challenges and improve digital trust.
Our definition of what a criminal is, is changing.
Where in the past, you might have thought of a shady character trying to breach the boundaries of your home and steal your possessions, those who commit crimes in this decade are far less easy to conjure up in your mind – faceless, formless and more likely to hide behind a computer.
Cybercrime is a real and growing threat, with the Forum's 2023 Global Cybersecurity Outlook highlighting that 91% of business and cyber leaders surveyed believed geopolitical instability could drive a far-reaching cyber event in the next two years.
How is the Forum tackling global cybersecurity challenges?
The steep rise in cyber events is putting cybercrime on the agenda for global leaders, with the World Economic Forum’s annual Global Cybersecurity Outlook series offering crucial insights into the challenges facing policymakers.
What is cybercrime?
Cybercrime is a broad term that covers damage or destruction of data, theft of money or personal financial data, embezzlement, fraud, business disruption and reputational harm.
As our personal lives and businesses move online, there's a growing number of opportunities for cybercriminals, who have at their disposal an expanding set of tools.
5 key cyberattacks of 2023
There are around 2,220 cyberattacks each day, and that equates to more than 800,000 attacks each year, according to Security Magazine. Here are just five of the biggest or most high-profile ones from 2023:
1. Theft of US State Department records
Hackers breached Microsoft Exchange and stole tens of thousands of emails, with at least 60,000 emails taken from the Outlook accounts of US State Department personnel.
2. DarkBeam’s data protection lapse
This breach was ironically from a digital protection firm, which exposed 3.8 billion records, making it one of the largest data breaches in recent memory. The records included user emails and passwords.
3. Royal Mail’s ransomware attack
The UK’s Royal Mail was hit by a ransomware cyberattack at the start of 2023 that disrupted its international mail services. Hackers sought an $80 million ransom and the attack affected 11,500 Post Office branches, meaning they were unable to handle international parcels.
4. MOVEit data theft
Cybercrime groups exploited vulnerabilities in Progress Software's MOVEit file transfer software and used it to steal data from MOVEit databases. More than 2,000 organizations are thought to have been affected, and estimates show that more than 60 million individuals' data may have been impacted.
5. Indonesia’s stolen passport records
Passport records of 34 million Indonesian citizens were stolen from the Indonesian Immigration Directorate General, with the theft carried out by a hacktivist called Bjorka, who aimed to sell the data on the dark web. Because the stolen data included full names, genders, passport numbers and dates of birth, the country is now braced for scams and identity fraud.
These examples give a flavour of the risks and what is at stake and underscore how seriously we should be taking the thousands of breaches and attacks that happen every day around the world.
How can we prevent cybercrime?
To prevent and curtail the impact of cyberattacks, organizational communication and culture around security are key, according to a UK government report. Having a formal cybersecurity strategy and regular risk reviews that extend to supply chains are also important, as well as robust incident response plans and training, it says.
The Centre for Cybersecurity at the World Economic Forum drives global action to address these challenges and improve digital trust. As part of that, it works with partners to identify new and emerging threats and to deliver free and globally accessible training.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
Stay up to date:
Cybersecurity
Related topics:
Forum Stories newsletter
Bringing you weekly curated insights and analysis on the global issues that matter.
More on Forum InstitutionalSee all
Beatrice Di Caro
December 17, 2024