SOPHOS 2023 Threat Report

Cybercrime truly never sleeps and our partner, Sophos does its best to protect us and our clients from attacks. Every year they come out with an entire report going over all the data that they found through the past year and what to look out for next and how to best protect yourself. The Sophos 2023 Threat Report is unlike any other cybersecurity report. The report covers developments and trends in ransomware, the crime-as-a-service industry, the credential theft ecosystem, attack tools, crypto-mining, mobile malware, and so much more. 

Below are some of the trends that were highlighted in the report.

Cyberthreat landscape

The war in Ukraine has global repercussions for the cyber threat landscape. Immediately following the invasion, there was an explosion of financially motivated scams, while nationalism led to a shake-up of criminal alliance between Ukrainians and Russians, particularly among ransomware affiliates.


Criminals continue to exploit legitimate executables and utilize “living off the land binaries” (LOLBins) to launch various types of attacks, including ransomware. In some cases, attackers deploy legitimate but vulnerable system drivers in “bring your own driver” attacks to attempt to shut down endpoint detection and response products to evade detection. 

Mobile Malware

Mobile devices are now at the center of new types of cybercrime. Not only are attackers still using fake applications to deliver malware injectors, spyware and banking-associated malware, but newer forms of cyberfraud have been growing in popularity such as “pig butchering” schemes. And this crime is no longer just affecting Android users, but iOS users as well. 


The devaluation of Monero, one of the most popular cryptocurrencies for cryptominers, led to a decrease in one of the oldest and most popular types of cryptocrime- cryptomining. But mining malware continues to spread through automated “bot” on both Windows and Linux systems.

To learn more and get the full report click here