Darktrace Threat Report

Darktrace’s End of Year Threat Report covers the threat trends we saw across our customer fleet in the second half of 2023.

Download the End of Year Threat Report

Download Now!

Oops! Something went wrong while submitting the form.

A mock up of the Darktrace 2023 Threat Report

What’s inside?

Latest threat research and incident statistics
Trends in email security, MaaS and RaaS, and more
Top five most observed vulnerabilities
Predictions for cyber security in 2024

threat report 2023

Discover the Latest Cyber Security Trends

Darktrace’s distinctive approach to threat analysis yields us a unique perspective on the threat landscape. In our End of Year Threat Report, we built on the work of our First 6: Half-Year Threat Report, sharing the insights we've garnered throughout the latter half of 2023.

We have observed not only the continuing development and evolution of identified threats in the malware and ransomware spaces, but also changes brought about by the innovation of cyber security tools.

Amid these challenges, the breadth, scope, and complexity of threats to organizations has grown, underscoring the importance of employing behavioural analysis, anomaly detection, and AI for cyber security.

The diagram represents Darktrace detections containing indicators of compromise (IoCs) that have been associated with particular MaaS and RaaS threats. The size of the bubble displayed relates to the frequency of detections observed across the Darktrace fleet. 

Loader malware

Loader malware was the most observed threat category within the MaaS and RaaS offerings Darktrace analyzed in the latter half of 2023, accounting for 77% of all investigated threats.

Phishing emails

Between September 1 and December 31, 2023, Darktrace/Email detected 10.4 million phishing emails across the customer fleet.

Darktrace/Email detected at least 639,000 malicious QR codes within these emails

58% of these emails passed through all existing security layers

Top 5 vulnerabilities

In the second half of 2023, there were five major vulnerabilities observed by Darktrace across its customer fleet, as determined by the number of affected assets.

Disclaimer: All emails seen by Darktrace/Email have already passed through any existing gateway; emails are then checked by native spam filtering (Microsoft or Google Workspace). In 58% of cases, phishing emails detected by Darktrace/Email passed through this filtering, either because of gaps in dete2ction or because customers have disabled it, trusting Darktrace/Email to handle all decisions.

white paper

CISO’s Guide to Cloud Security

Demystify the cloud and discover your security blind spots.

Download now

threat report 2023

Stay Ahead of Threats with AI-Powered Cyber Security

As threats continue to evolve, it’s more important than ever to have cyber security tools that can detect and respond in real time, even when dealing with remixed and novel attacks. Darktrace’s approach to cyber security allows it to do just that.

The Darktrace platform uses AI that learns from each organization’s specific data to understand ‘normal’ in order to recognize activity that is abnormal and indicative of a cyber-attack. As a result, Darktrace can detect and respond to attacks, including customized strains of malware and ransomware, even if they have been altered from previously known instances.

Since it is powered by AI, Darktrace can take action within seconds. With AI that is trained on your organization’s data, Darktrace protects against the trending threats of today and the emerging threats of tomorrow.