Review of Sophos’ 2023 threat report

Published: 18 January 2023

Sophos’s latest threat report has been released for 2023 and Xperience felt a quick summary for our Cyber Security customers would be beneficial. The 36-page report takes an in-depth look at the threat landscape of the new year.

Content of the Sophos 2023 Threat Report

The report touches upon Malware Economics, the evolution of Ransomware, Attack Tooling, security tools and more.  In reaction to our partner’s latest threat report, two things stand out for us. The first is the continuous low barriers to entry for would-be Cyber Criminals. This has been due to hacking tools and access to vulnerable networks becoming rapidly more available to the wider criminal community. Wider availability of hacking tools leads to an increase in threats to organisations. This means the importance of up-to-date cyber security is ever growing.

Another threat that has been present this year is the number of criminals learning from past ransomware operations. This learning has led to the development of new threats in the wider criminal community.

Thirdly the report is the commodification of what once would be considered “advanced persistent threat” tools and tactics. Again, this takeaway underlines the threat to organisations. When more people have access to the tools needed to hack systems (combined with the low cyber security barriers) this is a simple increase in risk to any computer network. More tools= more perpetrators = more attacks.

Findings from the Geopolitics of Cyber Security

The report touches upon the challenges that Geopolitical conditions have placed upon fighting cybercrime. Recently, the relationship between the US and China has become tenser. This has led to China ending their cooperation with US law enforcement in fighting cybercrime. This weakens the security of the two nations and provides a window of opportunity for hackers.

China has also increased its crackdown on domestic cryptocurrency scams and other cybercrime. The crackdown led to Chinese-Language criminals shifting towards exporting these criminal operations. This poses a greater threat to countries other than Russia which is relevant to this report as the UK may be an area that is targeted instead.

The war in Ukraine did have a brief negative impact on the activity levels of ‘Russian Language Crime’, but they have since picked up again. This shows just how persistent cyber threats are as the threats quickly resumed.


There is no sure defence against all threats, an active defence is required to prevent any incursions from doing damage. The defence required is quite substantial and is often too large for many organisations to shoulder themselves.

Cyber Threats are continually evolving and are an ongoing process, it is simply too much work for most organisations to bare themselves. Sophos is continually working to increase their capabilities to aid organisations of all sizes against the continually evolving threats.

The use of a trusted Cyber Security Team, can help you to stay safe against constant threats.

If reading our review of the Sophos 2023 Threat Report has opened your eyes to the potential of our Cyber Security service, then get in touch today we will be happy to get a meeting booked in to discuss further.

Want to read the full threat report?

You will be asked to provide contact details before you can access the downloadable file above.

Read More

The limitations to Edge Defence and Anti-Virus Software

3 June 2024

Edge Defence and Anti-Virus Software: Why you need more in your cyber armour to protect your business in 2024.

Why using multiple layers of backup is a necessity

11 April 2024

It's important to backup. Ransomware risks continue to rise and files can become corrupted. Read our blog to find out more.

MFA: why you need additional Cyber Security defence  

14 March 2024

MFA (Multi Factor Authentication) is a great tool for adding an extra cyber protection, however it's not enough on its own.

Is an annual penetration test really necessary?

13 March 2024