June 12, 2024 at 12:19PM
The White House report revealed that cybersecurity incidents reported by US federal agencies increased by 9.9% to 32,211 in 2023. Improper usage and phishing were the most common incidents. Despite the rise in attacks, none were classified as “high” impact. The report also detailed major incidents at various agencies, including ransomware attacks and data breaches affecting millions.
Based on the meeting notes, here are the key takeaways:
1. The number of cybersecurity incidents reported by US federal agencies increased by 9.9% in 2023, reaching a total of 32,211. The majority of incidents were classified as “improper usage” and involved violations of acceptable use policies. Phishing and malicious emails were the next most common incidents, with a significant year-on-year increase.
2. Web-based attacks, equipment malfunctions, and brute force attacks also contributed to the rise in cybersecurity incidents. The National Cyber Incident Scoring System rated the impact of these incidents as mainly “highly unlikely” to affect society.
3. There were 11 major cybersecurity incidents reported across federal agencies in 2023, with notable cases at the Department of Health and Human Services (HHS), Treasury Department, Justice Department, Interior Department, Consumer Financial Protection Bureau (CFPB), Transportation Department, Office of Personnel Management, and Department of Energy.
4. Notable incidents included ransomware attacks, data breaches, unauthorized access, and exposure of personal and medical data. The incidents at HHS, Treasury, Justice, and other agencies resulted in the compromise of millions of individuals’ personal information.
These takeaways provide a summary of the cybersecurity incidents and major cases reported by US federal agencies in 2023, highlighting the increasing and diverse nature of cyber threats faced by the government.