Rapid7’s Mid-Year Threat Review: What You Need to Know

The first half of 2023 has been a prolific period for attacker activity, particularly in the ransomware and extortion space. In Rapid7’s mid-year threat review, our research and managed services experts share insights and trend data from attacks Rapid7 has observed and tracked so far this year. Our team also offers security guidance for protecting your organization from common threats.

These are some of the insights we found so far this year:

• Missing or lax multi-factor authentication enabling security breaches
  Some 40% of incidents Rapid7 managed services teams identified in H1:2023 stemmed from lax or non-existent multi-factor authentication enforcement

• Ransomware actors are out in force
  There have been more than 1,500 known ransomware incidents so far in 2023, some of which have driven significant collateral damage

• The market for access on the dark web is booming
  Access to security and network edge devices can go for tens or hundreds of thousands of dollars and brokers are selling access to compromised networks complete with target market research

The report also includes guidance designed to improve your security hygiene and better protect your organization from attacks.