In today’s rapidly evolving digital landscape, the battle for cybersecurity has reached new heights, with cyber threats showing no signs of slowing down. IT companies and solution providers have found themselves under attack from increasingly sophisticated cybercriminals in 2023. In this article, we will delve into the top 15 cyberattacks that significantly impacted the IT industry this year, underscoring the urgent need for robust security measures to combat these evolving threats.
- $80 Million Extortion Saga of CDW: In a shocking turn of events, the solution provider giant CDW came under attack when the notorious cybercriminal gang, LockBit, claimed to have leaked the company’s stolen data. LockBit demanded a staggering $80 million as an extortion payment, marking one of the largest ransom demands in history.
- The Zero-Day Vulnerability in Cisco: A critical zero-day vulnerability (CVE-2023-20198) affecting more than 10,000 Cisco devices caused a significant stir in the IT industry. Exploitation of this vulnerability in Cisco IOS XE devices had far-reaching consequences, affecting enterprise switches, routers, and other vital components. The flaw, which received the maximum CVSS score of 10, allowed intruders to gain unauthorized access.
- ScanSource’s Ransomware Impact: In May, IT and telecom distributor ScanSource fell victim to a ransomware attack that significantly disrupted its systems for nearly two weeks. This attack had a profound impact on the company’s operations, affecting customers and suppliers across North America.
- Barracuda Email Security Gateway Under Siege: Barracuda faced a grave cybersecurity challenge as a zero-day vulnerability (CVE-2023-2868) in its Email Security Gateway was exploited by threat actors. The attackers targeted government agencies, with one-third of impacted organizations falling within this category.
- 3CX’s Software Supply Chain Compromise: In March, the compromise of communications software maker 3CX’s software supply chain raised major concerns. With over 600,000 organizations in its customer base, the incident emphasized the widespread impact that supply chain attacks can have.
- Cognizant / TMG Health: Cognizant/TMG Health fell prey to a cybersecurity attack in May 2023, compromising the personal information of hundreds of thousands of individuals. The breached data included sensitive information such as Social Security Numbers and bank account numbers.
- CompuCom’s Dark Web Revelation: Managed services provider CompuCom, which supports IT for five of the Fortune 500’s top ten companies, found itself exposed on the dark web. This incident highlights the potential vulnerabilities of organizations that provide critical IT services.
- Colorado’s Healthcare Data Breach: Over four million Colorado citizens had their private healthcare data compromised when threat actors exploited a vulnerability in the MOVEit Transfer app used by IBM. The attack affected not only Colorado residents but also individuals outside the state.
- PwC Joins the List of MOVEit Attack Victims: PwC, one of the Big Four accounting firms and renowned for its offerings in IT, cybersecurity consulting, and a range of other tech-related services, revealed that it had become a victim of the MOVEit attacks. In its statement, PwC emphasized that it took immediate action, suspending the use of MOVEit as soon as it became aware of the incident.
- Ernst & Young’s Investigation: Ernst & Young, also one of the Big Four and a major IT consulting firm, confirmed that it had been targeted in the MOVEit attacks. The company conducted a thorough investigation to determine the extent of the breach and the steps to contain it.
- Deloitte – The Third Big Four Accounting Firm Under Attack: The Cl0p ransomware gang targeted Deloitte, making it the third of the Big Four accounting firms to be claimed by the threat actors. Deloitte reported a limited impact on its systems, but the incident raises concerns about the vulnerability of prominent auditing and accounting firms.
- Microsoft Azure’s Vulnerabilities: On January 17, 2023, Orca Security discovered four vulnerabilities in Microsoft Azure services susceptible to server-side request forgery (SSRF) attacks. These low-risk vulnerabilities prompted Microsoft to take quick action to address and remediate the issues.
- WordPress Plugin Exploits: A Cross-Site Request Forgery (CSRF) vulnerability was detected in versions 2.0.9 and earlier of the WPCode – Insert Headers and Footers WordPress plugin, which has over a million installations. The vulnerability enabled attackers to delete server files. A security patch was subsequently issued.
- The Largest-Ever DDoS Attack: Tech giants Google, Amazon, and Cloudflare faced the largest-ever recorded distributed denial-of-service (DDoS) attack on the internet. The attack exploited a new vulnerability in the HTTP/2 protocol, CVE-2023-44487, which could lead to widespread disruptions.
- OpenAI ChatGPT – A Year of Credential Exposure: A staggering revelation unfolded as more than 100,000 OpenAI ChatGPT account credentials appeared on illicit dark web marketplaces within a year. Group-IB reported that these credentials were discovered within logs of stolen information, raising concerns about the security of AI-based systems.

The year 2023 brought forth a relentless wave of cyberattacks targeting IT companies, solution providers, and major industry players. These incidents serve as a stark reminder of the ever-present threat of cybercrime and the critical importance of implementing robust security measures to safeguard digital assets and sensitive information. As the digital landscape continues to evolve, the need for proactive cybersecurity measures has never been more pressing.