OpenText Cybersecurity Threat 2023

Cybersecurity professionals were kept on their toes throughout 2022. Russia’s invasion of Ukraine sent shockwaves through organized cybercrime and disrupted ongoing operations by REvil and Conti. Global law enforcement continued to aggressively target threat actors, including the Hive ransomware gang. And discovery of critical vulnerabilities and exposures (CVE) continued at a record pace, with nine CVEs published with scores of 9 or higher.

In addition to these new developments, 2022 also saw a continuation of many of the trends first observed at the start of the pandemic. Attacks on manufacturing and supply chains remained common, disruptive, and profitable. By the end of the year, the average ransom demand was at its highest ever, with the median cost hitting just under $200,000. Ransomware gangs increasingly targeted smaller businesses, which have fewer resources to prevent and manage the disruption. Simultaneously, many businesses faced tough security spending choices over the past year — exacerbated by rising inflation and economic uncertainties — brewing an ideal environment for cybercrime.

Meanwhile, phishing has evolved to take advantage of new social media platforms targeting younger users. And ever-advancing artificial intelligence (AI) capabilities look set to further fuel these kinds of attacks.

All of these issues combined make it more important than ever for businesses to embrace cyber resilience. In the 2023 OpenText Cybersecurity Threat Report, we dive into the inner workings of the threat landscape to highlight the situation facing businesses large and small. As OpenText Cybersecurity, we provide comprehensive security solutions for companies and partners of all sizes, helping customers build cyber resilience via a holistic security portfolio. Every year, we aim to improve the quality of our report data while providing broad coverage of threat activities. New to this year’s report is the inclusion of data from Webroot Email Security (formerly Zix). Email is a core vector for many cyberattacks and we are excited to be able to include this information in our indepth analysis of 2022. We hope the information in this report empowers you to build stronger and smarter defenses for the year ahead.