2023 Palo Alto Report: Top 3 Cyber Threats to Look Out For

The word "malware" is scattered down the screen.

Palo Alto Networks’ Unit 42 Network Threat Trends Research Report has been released! Let’s dive into some key findings and see how Votiro Cloud can address and mitigate some of the highlighted threats.

Finding #1: 66% of malware is delivered through PDF

The old adage about “tried-and-true” still holds firm regarding threat actors’ methods. Commonly-used productivity files such as Microsoft Office files and PDFs have long been favorites of hackers looking to conceal malicious content and code from their recipients. 

Apparently, the trend continues, with the 2023 Verizon DBIR indicating that PDFs comprise 66% of email malware deliveries. PDFs are used because they are commonly used and can be easily sent in a way that does not arouse suspicion, especially in social engineering schemes. Also, many people don’t realize that PDFs also support Javascript — a programming language that creates interactive elements on web pages — and malicious scripts are often surreptitiously inserted within these files. These file-borne malware threats are challenging to detect as many are unknown or Zero Day, meaning that standard malware detection tools or solutions will not prevent the attacks.

Head over to our blog if you’d like to read more about our findings from the 2023 Verizon DBIR.

Page 7, Palo Alto Networks’ Unit 42 Network Threat Trends Research Report, 2023

How Votiro can help: Votiro’s innovative Zero Trust approach to file security prevents malware from even the most innocent-looking PDF file from entering the organizations. Unlike detection-based file security solutions that scan for suspicious elements and block some malicious files, Votiro’s technology singles out only the safe elements of each file, ensuring every file that enters your organization is safe. Proactively keeping malware out is one of the best defenses you can take to stop hackers from accessing your internal data.

Finding #2: Significant increase in scams related to ChatGPT

With all the hype surrounding ChatGPT, it’s no wonder that hackers are getting into the generative AI game. Security researchers report a 910% increase in domain registrations that mimic ChatGPT between November 2022 and April 2023.  They also report 118 daily detections of ChatGPT-related malicious URLs captured in their Advanced URL Filtering system–an increase of 17,818%! Scammers are creating fake websites that look similar to the ChatGPT official website, then tricking unsuspecting users into downloading malware from the bogus site. ChatGPT-related grayware — software that wavers between malicious and benign – has also been on the rise since the generative AI tool was released to the public.

Page 11, Palo Alto Networks’ Unit 42 Network Threat Trends Research Report, 2023

How Votiro can help: Employees will always be susceptible to accidentally engaging with malicious files during their course of daily work. Implementing technology, such as Votiro, that does not rely on human detection and instead allows employees to be able to safely open any file from even the most malicious website is critical to preventing malware entry and safeguarding the organization. And while Votiro doesn’t prevent malicious websites from being created, it does protect employees from drive-by downloading or even purposefully accepting the file-borne threats that they mistake for real ChatGPT assets.

You can also read our recent blog (and watch the webinar) to hear our thoughts on generative AI in the cybersecurity landscape.

Finding #3: Specific industries under attack

Researchers highlighted a 238% increase in attacks against manufacturing, utilities, and the energy industry between 2021 and 2022. The susceptibility of manufacturers to cyber-attacks is growing due to their expansive supply chains and fragmented systems, which create security vulnerabilities. With numerous exposed endpoints, hackers can introduce malicious software into the manufacturing infrastructure by exploiting a vulnerable partner or supplier. The Utilities and Energy sector is also an attractive target for cybercriminals due to the massive number of electricity grids, power plants, and pipelines distributed across the country, opening the doors wide for cyber-criminals seeking financial gain or espionage.

Page 12, Palo Alto Networks’ Unit 42 Network Threat Trends Research Report, 2023

How Votiro can help: Considering the significant risk facing these verticals and the critical nature of the assets in these industries, organizations in these industries should significantly value the advanced malware protection offered by Votiro. To get a better idea of the risks posed to critical infrastructures, and the importance of better cybersecurity at the highest levels – including the recent Strengthening American Cybersecurity Act (SACA) signed into law – you can read our blog here

Guarding Against the Old and the New

The Palo Alto Networks’ Unit 42 Network Threat Trends Research Report highlights the importance of organizations simultaneously guarding against malware designed to exploit older vulnerabilities, like PDFs, while proactively staying ahead of sophisticated new attacks, like those used in ChatGPT-related scams. Votiro delivers a comprehensive approach that provides protection where other security solutions and standard malware prevention methods fall short.

Contact us today to learn more about how Votiro leads the way in preventing hidden threats in files, and securing your organization while maintaining productivity. And if you’re ready to try Votiro for yourself, start today with a free 30-day trial.

background image

News you can use

Stay up-to-date on the latest industry news and get all the insights you need to navigate the cybersecurity world like a pro. It's as easy as using that form to the right. No catch. Just click, fill, subscribe, and sit back as the information comes to you.

Subscribe to our newsletter for real-time insights about the cybersecurity industry.