2023 Cyberattacks: Key Figures to remember | Stormshield

With the coming year focused on artificial intelligence, various different elections, the Olympic Games and the entry into force of the NIS2 directive, what were the cybersecurity trends of 2023? We take a look at the key figures and statistics in the world of cyber threats.


4,45: the average cost of a data leak, in millions of dollars

This is the first figure given in the key indicators of the 2023 version of IBM's “Cost Of A Data Breach” report: the average cost of a data breach in 2023 was 4.45 million dollars. And this value has risen by 15% in three years.

It’s a figure that clearly illustrates the potential impact of data theft, leakage or exfiltration... and the importance of data encryption.


15.5: the percentage share of BlackCat and Black Basta ransomware in all reported cyberattacks

This year, Statista has followed its usual practice of compiling data on cyberattacks. According to the results published for the second quarter of 2023, the BlackCat and Black Basta ransomware were the most active types, each accounting for 15.5% of the volume of detections. The Royal ransomware took third spot, with 10.1%.

This predominance is a direct consequence of these two groups’ decisions to market their own malware via Ransomware-as-a-Service (RaaS) platforms.


47: the percentage of ransomware-affected companies that chose to pay the ransom

The previously-mentioned IBM “Cost Of A Data Breach” report shared the figure that 47% of (surveyed) ransomware victims had paid the ransom. The report also reveals that 37% of respondents chose not to involve the authorities.

Decryption as an alternative to rebuilding, or even collapsing: the smallest organisations have little time to make their decision, as their very survival may be on the line... Larger companies are more likely to capitulate when reputational or financial issues are at stake. Faced with a ransomware attack, the question is: to pay up, or not to pay up? This is always a thorny issue, and one which we have explored in our whitepaper on the subject.


80: the record ransom demanded by LockBit, in millions of dollars

In October 2023, CDW – a US reseller of IT products and services – was targeted by the LockBit group of cybercriminals. The demanded sum in the ransomware attack: 80 million dollars.

This made it the biggest ransom demand of 2023, ahead of the $70m demanded by the same group from TSMC in June 2023. And the third largest ransom demand to date, behind the $240m demanded by the Hive group and the $100m demanded by REvil.


89: the percentage of unwanted messages that find their way through email filtering barriers

To break through the layers of protection, cybercriminal groups’ tactics are constantly evolving. In its “Phishing Threat Report 2023”, Cloudflare reveals that 89% of spam messages manage to get through email authentication methods (namely SPF, Sender Policy Framework, DKIM, DomainKeys Identified Mail, and DMARC, Domain-based Message Authentication, Reporting, and Conformance verification systems).

Misleading links (35.6% of threats detected), newly-registered domain names (30%) and identity theft (14.2%) remain the most widespread methods of attack. With major sporting events and elections taking place all over the world this year, raising employee awareness is once again critically important.


112: the annual percentage increase in ransomware attacks that involve data extortion

According to the latest report from Flare, ransomware attacks involving data extortion have increased by 112% over the previous year. This escalation is largely due to the growing power of cybercriminals, who are forming increasingly structured groups such as LockBit, AlphVM, CLOP and BianLian.

And this is a threat that should be taken more seriously than ever, with new developments in the methods used by cybercriminal groups. Following on from double and triple extortion, multi-extortion is the most recent means of putting pressure on companies. The most recent development: a group that... sues its victim for concealing a cyberattack.


198: the number of zero-day vulnerabilities discovered

2023 was a year marked by the discovery of 198 Zero-Day vulnerabilities. The number of Zero-Day vulnerabilities reported to the Zero Day Initiative (ZDI) platform is double the number from the previous year (99).

In the same blog post, the breakdown of CVSS scores is crystal clear: 73% of these vulnerabilities are rated as “Critical” or “High Severity”.


1,265: the percentage increase in malicious emails since the arrival of ChatGPT

Artificial intelligence (and ChatGPT) were clearly no exception to the cat-and-mouse rule in cybersecurity. According to SlashNext’s “The State of Phishing 2023” report, phishing emails have increased by 1,265% since the end of 2022 and the launch of ChatGPT.

Texts that are now better written can bypass anti-phishing detection filters and link to better-constructed fake sites. Generative artificial intelligence being used to improve the effectiveness of cyberattacks...


28,902: the number of published CVEs

At the beginning of the year, projections were based on an average of more than 1,900 Common Vulnerabilities and Exposures (CVEs) per month, but the cybersecurity figures for 2023 tell the true story: almost 29,000 CVEs were discovered in 2023 (28,902, or 2,400 per month). This represents a 15% increase over 2022, according to the SmartTech article.

Share on

[juiz_sps buttons="facebook, twitter, linkedin, mail"]
Our Cyber Threat Intelligence team is dedicated to providing effective protection against these cyber-threats to businesses. This team has two key missions: to study cyber threats in order to understand them, and to continuously improve the protection offered by Stormshield products. Their aim in all of this is to contribute to the cybersecurity community’s effort to address cyberthreats.
About the author
Victor Poitevin Editorial & Digital Manager, Stormshield

Victor is Stormshield’s Editorial & Digital Manager. Attached to the Marketing Department, his role is to improve the Group’s online visibility. This involves Stormshield’s entire ecosystem, including websites, social networks and blogs. He will make use of his diverse experience, gained in several major French and international groups and communications agencies, to fulfill the Group’s high digital aspirations.