6 stories that defined cybersecurity in 2023

In March 2023 President Joe Biden released a new National Cybersecurity Strategy, outlining how the US government intends to secure cyberspace and create a resilient digital ecosystem that is easy to defend and safe for everyone.

The strategy is part of a larger effort by the Biden administration to strengthen cyber and technology governance. This has so far included efforts to increase accountability for tech companies, boost privacy protections and ensure fair competition online.

The World Economic Forum's Global Risks Report 2023 ranked cybercrime and cyber insecurity as the 8th biggest risk in terms of severity of impact, both in the short term (next two years) and over the next decade.

Here are the five pillars of the US' cybersecurity strategy.

Genesis Market, one the world’s largest, illicit online marketplaces, was shut down in 2023 in a police operation that involved over a dozen international law enforcement agencies.

"Operation Cookie Monster" resulted in hundreds of thousands of stolen identities and online access credentials being seized. The FBI and the Dutch National Police spearheaded the crackdown, which resulted in more than 100 arrests worldwide and served as a major blow to global cybercrime efforts, according to officials.

The platform has offered over 80 million accounts access credentials from more than 1.5 million compromised computers worldwide since its inception. This includes thousands of credentials stolen from over 460,000 computer devices that were advertised for sale at the time “Operation Cookie Monster” closed down the site.

How 'Operation Cookie Monster' took down a major dark web marketplace.

An increasingly digital world has led to digital footprints with surprisingly long trails – and details some people would rather the internet forgot.

The concept of allowing people to request the removal of their personal information from the internet has been back in the headlines in 2023 after a Canadian court agreed that its citizens have the "right to be forgotten" on Google searches.

But this right is not recognized everywhere and even where it is, organizations don’t always have to comply with requests.

Concerns have been raised that the legislation could lead to frequent and widespread removal of content, and be used as a mechanism to censor or prevent scrutiny.

Here's how the right to be forgotten works, as well as the latest on legislation.

October also saw the biggest ever distributed denial of service (DDoS) attack, with internet companies including Google and Amazon warning users that these types of attacks could cause widespread disruption unless cybersecurity measures are stepped up.

DDoS attacks, which aim to make websites unreachable by overwhelming them with bogus requests for data, are nothing new but they are becoming increasingly sophisticated and disruptive.

The World Economic Forum’s Global Cybersecurity Outlook 2023 points to the convergence of geopolitical instability, the arrival of AI that can amplify cyberattacks and a lack of cybersecurity expertise as drivers of such cyber risks.

How internet companies are tackling the biggest ever DDoS attack.

"There's a gathering cyber storm," Sadie Creese, a Professor of Cyber Security at the University of Oxford, said during an interview at the World Economic Forum’s Annual Meeting 2023 in Davos, Switzerland. "This storm is brewing, and it's really hard to anticipate just how bad that will be."

Cyberattacks such as phishing, ransomware and DDoS attacks are on the rise. Cloudflare, a major US cybersecurity firm that provides protection services for over 30% of Fortune 500 companies, found that DDoS attacks increased 79% year-over-year in 2022.

Against this backdrop, in November, the Annual Meeting on Cybersecurity 2023 brought together over 150 of the world’s foremost cybersecurity leaders from business, government, international organizations, civil society and academia to foster collaboration on making cyberspace safer and more resilient.

Experts at Davos 2023 call for a global response to the gathering 'cyber storm'.

The world needs 3.4 million cybersecurity experts to support today’s global economy, but industries are struggling to fill that gap.

The World Economic Forum’s Global Cybersecurity Outlook 2023 report shows that 59% of business leaders and 64% of cyber leaders ranked talent recruitment and retention as a key challenge for managing cyber resilience.

And the industries that reported a lack of skills were mainly in critical infrastructure industries like energy utilities.

To bridge the talent gap, here are three key areas that require attention.