A new report reveals the most headline-grabbing cyber extortion event in the first half of 2023 was the Clop ransomware group, which began exploiting the MOVEit zero-day vulnerability in May to gain illegal access to a wide range of victims. However, according to the report, in terms of the total claimed victims, Clop was not as prolific as LockBit, which was responsible for about 30 percent of all ransomware attacks in H1 (out of the top 10 most active groups).

In the new Cyber Threat Intelligence Index: 2023 Midyear Report, Flashpoint takes a look into the states of ransomware, vulnerability, data breach, insider threat and malware intelligence — providing data and analysis on the most impactful events and threats of 2023 so far.

Other report highlights

• As of August 9, the total number of victims — those posted on Clop’s ransomware blog combined with data from Flashpoint’s Cyber Risk Analytics (CRA) platform — totaled more than 650. This number includes companies that were directly attacked by Clop as well as third-party victims.
• 14,201 new vulnerabilities were reported in H1 2023, and 2,189 of them were missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD). 
• More than 36 percent of H1’s disclosed vulnerabilities have a working proof-of-concept or a known public exploit, giving low-level attackers an opportunity to compromise vulnerable systems.
• In H1 2023, analysts identified 2,893 data breach events, resulting in the loss of 5.94B records. 
• The highest number of breaches were recorded in the U.S.