Skip Navigation
Get a Demo
 
 
 
 
 
 
 
 

Introduction

Trends

Red Canary performed an analysis of emerging and significant trends that we’ve encountered in confirmed threats, intelligence reporting, and elsewhere over the past year. We’ve compiled the most prominent trends of 2023 in this report to show major themes that may continue into 2024.

The Technique and Threat sections of this report are focused on detection data and identifying prevalent ATT&CK techniques and threat associations from the more than 58,000 confirmed threats we detected in 2023. The Trends section takes us one step beyond that data and allows us to narrate events that might not be prevalent in our detection dataset but may be emergent or otherwise deserve your attention.

Introduction

Trends

Red Canary performed an analysis of emerging and significant trends that we’ve encountered in confirmed threats, intelligence reporting, and elsewhere over the past year. We’ve compiled the most prominent trends of 2023 in this report to show major themes that may continue into 2024.

The Technique and Threat sections of this report are focused on detection data and identifying prevalent ATT&CK techniques and threat associations from the more than 58,000 confirmed threats we detected in 2023. The Trends section takes us one step beyond that data and allows us to narrate events that might not be prevalent in our detection dataset but may be emergent or otherwise deserve your attention.

trend
Ransomware
Ransomware
Arrow Icon

Despite some promising disruptions to the ransomware ecosystem in 2023, defenders should stay vigilant in detecting common precursor behavior.

read more
trend
Initial access tradecraft
Initial access tradecraft
Arrow Icon

Adversaries employed tried-and-true initial access methods in 2023, with a few new variations on perennial themes.

read more
trend
Identity attacks
Identity attacks
Arrow Icon

In the era of single-sign-on and cloud-based-everything, there’s no better way for an adversary to sneak into a corporate environment than by compromising identities.

read more
trend
Vulnerabilities
Vulnerabilities
Arrow Icon

Despite some shiny new vulnerabilities in the headlines, adversaries’ post-exploitation playbooks have largely remained the same.

read more
trend
Stealers
Stealers
Arrow Icon

If identities are the new perimeter, information-stealing malware helps adversaries cross over.

read more
trend
Remote monitoring and management tools
Remote monitoring and management tools
Arrow Icon

Adversary abuse of remote monitoring and management (RMM) tools attracted extra attention in 2023, due in part to at least one prolific adversary leveraging these tools extensively.

read more
API abuse in the cloud
API abuse in the cloud
Arrow Icon

Armed with stolen short-term tokens or credentials, adversaries might be spending more time in cloud services providers’ APIs than some administrators.

read more
Artificial intelligence (AI)
Artificial intelligence (AI)
Arrow Icon

An important question looms in the infosec conversation about AI: Will generative AI tools better benefit defenders or adversaries?

read more
trend
Adversary emulation and testing
Adversary emulation and testing
Arrow Icon

More than a quarter of Red Canary’s customers performed some kind of testing in 2023.

read more
Industry and sector analysis
Industry and sector analysis
Arrow Icon

Our analysis of technique and threat prevalence and detection volume across sectors suggests that an organization’s industry is not a key factor in determining the level or nature of risk they face.

read more

How to use our analysis

The 2023 Trends section provides valuable insights and actionable recommendations for security leaders to make informed decisions. We offer advice to help defenders prepare, prevent, detect, and mitigate activity associated with these trends where relevant. The guidance we provide differs, since each trend requires a different approach. You might also use our analysis to help anticipate and plan for key trends that may continue into 2024, just as we saw with 2022 trends extending into 2023.

 

 

 

 
 
Back to Top