U.S. federal agencies recorded 32,211 cyber incidents in 2023, representing a 9.9% increase over 2022, most of which involved violations of system usage policies, The Register reports.
Malicious emails and phishing messages emerged as the second most popular attack vector against federal systems, recording the highest year-over-year increase in terms of incident totals, while brute-force attacks had the largest year-over-year percentage growth, according to a report from the White House. Moreover, most of the incidents faced by federal entities were regarded to have a "highly unlikely" societal impact.
The findings also showed that most major cyber events were attributed to the Departments of Health and Human Services, Justice, and the Treasury, all of which logged two significant incidents each. Included in the incidents reported by the HHS were a pair of third-party ransomware attacks, one of which resulted in the exfiltration of data belonging to 2.8 million individuals and the other leading to the theft of information from 1.88 million others.