The Netskope Cloud and Threat Report aims to provide strategic, actionable intelligence on the latest trends in cloud computing and cybersecurity threats affecting organizations throughout the world. In this edition, we take a look back at the major trends of 2023, paying special attention to those that we expect to continue into 2024 and beyond.
Throughout 2023, cloud and SaaS adoption continued to rise in enterprise environments, with users constantly adopting new apps and increasing their use of existing apps. App suites from Microsoft and Google continue to dominate in all industries and geographies worldwide as apps from these vendors become even more ingrained in critical business processes.
Adversaries, recognizing this trend, are abusing and targeting popular apps in their operations more frequently. Social engineering has become the most common method adversaries use to gain access into victims’ environments. Adversaries are increasingly successful in tricking victims into downloading Trojans by hosting them in popular SaaS apps and in tricking victims into clicking on phishing baits designed to steal SaaS app credentials.
The majority of adversary activity targeting Netskope customers in 2023 was financially motivated. When a financially motivated adversary gains initial access to a victim’s environment, they typically install an implant (usually Cobalt Strike) to maintain persistence. They ultimately try to extort the victim organization by deploying ransomware, infostealers, and wipers, threatening to expose sensitive data publicly or sabotage the victim’s environment if they do not pay. Even geopolitically motivated adversaries, whose primary objective has historically been cyber espionage, are also engaging in similar extortion activities.
This report spotlights these and other predominant trends of 2023 and offers predictions into which ones will continue into 2024.