7.美国政府《2023网络安全年报》 conv.docxVIP

2024/6/2616:51 WhiteHousereportdetailsallof2023’smajorgovbreaches?TheRegisterCSO

WhiteHousereportdishesdeetsonall11majorgovernmentbreachesfrom2023

TheMOVEitbreachandransomwareweren’tkindtotheFedslastyear

ConnorJones Wed12Jun2024//16:15UTC

ThenumberofcybersecurityincidentsreportedbyUSfederalagenciesrose9.9percentyear-on-year(YoY)in2023toatotalof32,211,peranewWhiteHousereport,whichalsospilledthedetailsonthemostseriousincidentssufferedacrossthegovernment.

Ofthetotalnumberofincidents,themajority(38percent)wereclassedasimproperusage,meaningasystemwasusedinawaythatviolatedtheagencysacceptableusepolicies.Thereportstatedthatagencieshavethecapabilitytodetectwhensecuritypoliciesarebeingviolated,butnottheabilitytopreventitfromactuallyhappening.

Thenextmostcommonincidentwascausedby,unsurprisingly,phishingandmaliciousemails,anditwasthevectorthatsawthebiggestYoYincrease(bynumberofincidents)from3,011in2022to6,198in2023.

5,687incidentscouldntbecategorizedbyanyspecificvector,sotheywereambiguouslylumpedunderother/unknown.Web-basedattacksbarelyincreasedYoYwith3,569cases,unlikeincidentsofequipmentgoingawry–eitherthroughcarelessnessoractualtheft.

Thereport[PDF]doesntbreakdownthetotalintolossortheft,whichwouldhavebeeninteresting,butthenumberofyearlycasesrosefrom1,832to3,135in2023.

/2024/06/12/white_house_report/ 1/8

2024/6/2616:51 WhiteHousereportdetailsallof2023’smajorgovbreaches?TheRegister

Bruteforceattacksonnetworksandservicesweretheonlyothervectortoregistermorethan1,000cases(1,147)–buttookthepriceforthebiggestYoYpercentageincreaseinincidents,upfromjust197theyearbefore.

/2024/06/12/white_house_report/ 2/8

2024/6/2616:51 WhiteHousereportdetailsallof2023’smajorgovbreaches?TheRegister

But