Last updated at Fri, 18 Aug 2023 21:29:32 GMT

It will come as little surprise to most people that cyber threats in 2023 have been rather prolific. From widely exploited vulnerabilities to high-profile ransomware and extortion campaigns, the first half of the year has seen more than its fair share of large-scale incidents.

Rapid7’s 2023 Mid-Year Threat Review aggregates data and analysis from our vulnerability intelligence, managed services, and threat analytics teams to provide a mid-year snapshot of the attack landscape and give organizations actionable guidance on protecting themselves from common threats.


From January to June 2023, our team tracked:

  • 1,500+ ransomware incidents
  • 79 attacks attributed to state-sponsored threat actors
  • More than a dozen new vulnerabilities that were exploited en masse
  • A significant uptick (69%) in incident response case volume

Exploitation of public-facing applications has been a popular initial access strategy so far this year, including for advanced persistent threat actors (APTs) and state-sponsored adversaries. APTs exploited both zero-day and known vulnerabilities in routers, security appliances, printer management software, Voice over Internet Protocol (VoIP) technologies, and more. Cyber espionage, cyber warfare, and financial gain were the main motives attributed to state-sponsored threat campaigns.

Our mid-year data also shows that basic security hygiene is still a challenge for many businesses — 39% of incidents our managed services teams responded to stemmed from either lax or lacking multi-factor authentication. As always, our mid-year report provides actionable guidance to help businesses improve their security posture, including tactics to mitigate the risk of data exfiltration.

For more findings and risk management strategies, read the full report here. An infographic of key takeaways is also available here. Members of the Rapid7 research team will also host a webinar on the findings. Details are available here.