Kaspersky’s MDR Analyst Report for 2023 reveals a rise in high-severity cyber incidents with human involvement, impacting various industries. The report emphasizes the importance of implementing effective cybersecurity solutions and managed security services to combat advanced attacks.
30 April 2024 – The Kaspersky Managed Detection and Response (MDR) team revealed a concerning trend in their latest MDR Analyst Report: the frequency of high-severity cyber incidents with direct human involvement exceeded two per day in 2023. This trend was observed across various industries, with financial, IT, government, and industrial sectors ranking highest.
The annual MDR Analyst Report offers insights into reported incidents, their nature, and distribution across industries and regions. Based on the analysis of MDR incidents detected by the Kaspersky Security Operations Center (SOC), the report highlights the most common tactics, techniques, and tools used by attackers in the past year.
According to the report, the government sector recorded 22.9% of all detected high-severity incidents, followed by IT companies at 15.4%, and financial and industrial companies at 14.9% and 11.8%, respectively.
Regarding the nature of incidents, nearly 25% were driven by humans, while just over 20% involved various types of ‘cyber exercises’—previously classified as targeted attacks but re-designated as ‘cyber exercises’ with customer confirmation.
The proportion of malware attacks resulting in serious consequences slightly decreased in 2023 compared to previous years, accounting for just over 12% of total critical incidents. This decline is attributed to the “commoditization of attacks,” reflecting the widespread adoption of previously developed tools for automated attack scenarios.
The report also found that incidents involving the detection of targeted attack artifacts, publicly available critical vulnerabilities, and social engineering comprised around 4-5% of all incidents.
Sergey Soldatov, Head of Security Operations Center at Kaspersky, commented, “In 2023, Kaspersky detected a smaller number of high-severity incidents, but observed a simultaneous increase in medium and low severity ones. This redistribution is associated with malware detection without visible traces of human participation, highlighting the ‘commoditization of tools.’ Targeted attacks are becoming more dangerous, emphasizing the need for effective automated cybersecurity solutions managed by experienced SOC analysts.”
To enhance protection against advanced attacks, companies are advised to implement effective cybersecurity solutions and hire qualified practitioners or adopt managed security services like MDR and Incident Response, covering the entire incident management cycle from threat identification to continuous protection and remediation.