June 2023 Cyber Attacks Statistics

After the cyber attacks timelines (part I and part II), it’s time to publish the statistics of June 2023 where I have collected and analyzed 354 events, a number that shows an increase compared to May and, fueled by the exploitation at scale of the CVE-2023-34362 MOVEit vulnerability by the Clop (AKA Cl0p) ransomware syndicate, confirms the overall high level of activity that is now a certainty in this troubled 2023.

Cyber Crime leads the Motivations chart with a percentage slightly lower than May (77.1%  vs. 78.51%) and below 80% for the third month in a row. The operations driven by Cyber Espionage are slightly down to 9% from 9.25%, while Hacktivism gains some points to 6.5% from 4.78%. Cyber Warfare continues to gain traction and reach 5.9% from 4.18%.

And for the first time in my memory, malware is no more on top of the Attack Techniques. As I mentioned previously the exploitation en masse of the MOVEit vulnerability characterized the month of June, and this is obviously reflected in this chart, with vulnerabilities soaring at the first place with 22.7% from 8.66% at the expenses of malware dropping to 24.6% from 39.7% (but of course you should also take into consideration that the exploitation of vulnerabilities is preparatory to the installation of malware. It is also interesting to note the role of Coordinated Inauthentic Behavior at the third place among the known techniques with 5.9% along with Account Takeovers down from 13.13% in May.

And there is a novelty also in the Target Distribution led, for the first time by the technological sector with 15.3% (another side effect of the Clop campaign) ahead Multiple Organizations down to 13.8% from 24.18% and Governments with 12.4%

Check out the interactive charts and the statistics, also available as an infographic. And as always, please support my work, sharing the content, and of course follow @paulsparrows on Twitter for the latest updates.