Malware & Phishing dominate the 2023 cyber threat landscape

CEO and Co-Founder of ReasonLabs, Kobi Kalif. Credit: ReasonLabs
Following ReasonLabs’ 2023 Cybersecurity Summer Trends Report, Kobi Kalif discusses how leaders need to be vigilant about device-oriented cybersecurity risks

Following the release of ReasonLabs’ 2023 Cybersecurity Summer Trends Report at the end of August, and as employers increasingly demand that employees return to the office, leaders need to be vigilant about heightened cybersecurity risks coming from their employees’ devices.

The cybersecurity developer’s research shows that malware and phishing remain the top two cyber threats to those with devices in the US.


ReasonLabs’ CEO and Co-Founder Kobi Kalif has worked across cybersecurity for more than 15 years, and co-founded the company with the vision of equipping consumers with the same level of cybersecurity protection as Fortune 100 companies, so they have robust defences against online threats.

The report found that 45.3% of all threats involve malware, or malicious software infecting a device, with phishing (deceptive emails or messages that trick users into giving private information) coming in at 43.6%.

Pirated and illegally downloaded files accounted for 3.72% of threats, with 2.98% a result of adware, where users inadvertently download software that bombards them with intrusive ads. The remaining 2.83% is due to ransomware, where files are encrypted by malicious software that demands a ransom payment before users can regain access to their data.

Kalif runs through the key findings of the report, the impact of these threats on businesses and their employees and how they can be best mitigated.

What are the highlights from the 2023 Cybersecurity Summer Trends Report? What are some of the most important insights it highlights?

The 2023 Cybersecurity Summer Trends Report analysed global security incidents gathered by the ReasonLabs’ Threat Intelligence Team from May through July 2023. It includes crucial data and insights into cybersecurity threats, both new and emerging, that are most prevalent for consumers today.

Most notably, our report revealed that malware was the top online global cybersecurity threat during the period, accounting for over 58% of all detections. Behind malware, phishing made up nearly 25% of global browser-originated detections. This trend aligns with the ongoing prevalence of phishing as one of the leading attack vectors affecting home users.

The report also underscores specific geographic concentrations of cyber threats, particularly in the United States, Russia, and Ukraine. In these countries, phishing attacks were notably more prevalent, representing nearly half of all detections, compared with the 25% global average. We can assume from this that phishing is a preferred tactic in the ongoing Russia-Ukraine conflict as well, which is another trend to watch in the coming months as the conflict progresses.

Furthermore, the report highlights the strategic use of phishing attacks in cyberwarfare tactics, leading to threats such as Trojans and ransomware. Rounding out the top five global web threats detected over the summer of 2023 were adware, pirated software and content, and crypto mining. These findings underscore the evolving landscape of cybersecurity threats and the critical need for robust defences against malware and phishing in particular.

How do these risks impact businesses and their workforce?

Malware and phishing are the two top threats according to the 2023 Cybersecurity Summer Trends Report. Their risks have significant and far-reaching impacts on businesses and their workforce, who are, ultimately, the everyday consumer. Cybersecurity is often overlooked due to a lack of education and awareness around the impacts possible threats can have. For example, according to a recent study by Cybernews, the most commonly used password is “123456”.

Another research report by Harris found that two-thirds of Americans use the same password across multiple accounts and 43% of them have shared a password with someone. With such a lax security mindset, all it takes is one successful phishing attempt for multiple online accounts to be compromised.

Do threats like this become more prevalent at certain times of year? Are there times when workforces should be more vigilant?

Yes, phishing and malware threats can become more prevalent during certain times of the year. Cybercriminals frequently increase their phishing and malware activities during major holiday seasons, such as Christmas, New Year's, Thanksgiving, and Valentine's Day. They send out malicious emails with holiday-themed content, fake gift offers, e-cards or delivery notifications, hoping to catch individuals in a festive and less cautious mood.

Black Friday and Cyber Monday are also popular times when attackers send phishing emails impersonating popular retailers and offering enticing deals and discounts. These emails may trick individuals into clicking on malicious links or downloading counterfeit apps.

Additionally, tax-related phishing scams tend to spike around tax-filing deadlines in various countries. Attackers send fake emails posing as tax authorities, financial institutions, or tax software providers, luring individuals into revealing sensitive financial information or downloading malicious attachments. 

Are threats becoming more coy/using trickery to lull people into letting their guard down?

As awareness of the most basic form of cyber attacks has increased, bad actors are turning to social engineering tactics to trick their targets into letting their guard down. Social engineering is a technique used by malicious actors to manipulate individuals into divulging confidential information, performing actions, or making decisions that compromise security. It relies on psychological manipulation rather than technical exploits to exploit human nature and gain unauthorised access to sensitive data or systems. Social engineering attacks are often used in phishing attempts.

Phishing emails are one of the most prevalent forms of social engineering attacks. In a typical phishing email, an attacker poses as a trustworthy entity, such as a bank, a popular online service, or a colleague, and sends a message designed to deceive the recipient. These emails often contain urgent or alarming content, such as warnings of account suspension, security breaches, or enticing offers. They prompt the recipient to take action, like clicking on a link to a fake website, downloading a malicious attachment, or providing sensitive information like usernames, passwords, or credit card details.

Successful phishing emails use psychological manipulation to bypass the recipient's critical thinking and exploit emotions like fear, curiosity, or greed. The attacker's goal is to make the recipient act hastily without verifying the authenticity of the message. By tricking individuals into revealing their credentials or downloading malware, attackers can gain unauthorised access to accounts or systems. To defend against phishing emails, it's essential to be cautious, verify the sender's identity, and avoid clicking on suspicious links or sharing sensitive information without proper verification.

Recognising these tactics, staying vigilant, and educating oneself and others are critical steps in defending against social engineering attacks and protecting sensitive information and systems.

What can be implemented to ensure device security?

Given that phishing and malware are the two biggest cyber threats, steps should be taken to specifically protect against those threats. First and foremost, use an advanced protection solution. Legacy-generation antiviruses can no longer provide the type of protection that consumers need. Endpoint detection and response systems like RAV Endpoint Protection are stronger, faster, and smarter, capable of protecting against next-generation threats.

Updating your operating system and antivirus software regularly will help significantly upgrade your defences. Having a software provider that offers updates to its virus definitions and threat databases is essential to keep up with the evolving threat landscape, helping protect against various types of malware, including viruses, Trojans, worms, and spyware. Additionally, some antivirus programs offer email and web scanning features to block phishing attempts and malicious links.

Furthermore, enabling multi-factor authentication (MFA) adds an extra layer of security by requiring you to provide two or more forms of authentication before gaining access to an account or device. Enabling MFA enhances device security significantly, as even if an attacker acquires your password, they would still need the additional authentication factor.

Having a VPN like RAV VPN also helps. VPNs primarily focus on enhancing online privacy and securing data in transit. They achieve this by encrypting internet traffic, preventing cybercriminals from intercepting and eavesdropping on sensitive information, especially when using public Wi-Fi networks or untrusted connections. VPNs also mask your IP address, adding an element of anonymity to your online activities and protecting your privacy from prying eyes. 

Last but not least, educate yourself and others. Awareness plays a key role in guarding against phishing and social engineering tactics. Both individuals and organisations should invest in training to recognise phishing attempts and other common tactics employed by cybercriminals. Suspicion and caution are valuable tools. Be wary of unsolicited emails or messages requesting personal information, and always verify the legitimacy of websites or sources before sharing sensitive data. Regularly updating and reinforcing cybersecurity awareness among users is an ongoing effort.

How do you see the future of cybersecurity threats evolving? And your role with that?

Cyberattacks will only become more sophisticated as AI becomes more prevalent. Machine learning algorithms allow bad actors to analyse vast amounts of data and adapt their strategies accordingly. For example, they can employ AI to conduct in-depth reconnaissance on potential targets by scanning websites, social media profiles, and public records to gather information about individuals and organisations. This information is then used to craft highly convincing and personalised social engineering attempts.

AI is not only enhancing the sophistication of cyberattacks but also automating various stages of the attack lifecycle. This automation enables attackers to conduct more efficient and scalable campaigns, making it imperative for cybersecurity experts to adopt AI-driven defences that can detect, respond to, and mitigate these evolving threats in a timely manner. 

In response, cybersecurity experts will fight fire with fire, becoming increasingly reliant on AI for threat detection, predictive analysis, and automated response mechanisms. At ReasonLabs, for instance, we are using AI to quickly analyse vast datasets to identify anomalies and potential threats.

Moreover, AI-driven security systems can adapt to evolving threats in real-time, enhancing overall cybersecurity resilience. The cat-and-mouse game between attackers and defenders continues to evolve, and AI is at the forefront of this technological arms race in the realm of cybersecurity.

