Review of Sophos’ 2023 threat report

Published: 18 January 2023

Sophos’s latest threat report has been released for 2023 and Xperience felt a quick summary for our Cyber Security customers would be beneficial. The 36-page report takes an in-depth look at the threat landscape of the new year.

Content of the Sophos 2023 Threat Report

The report touches upon Malware Economics, the evolution of Ransomware, Attack Tooling, security tools and more.  In reaction to our partner’s latest threat report, two things stand out for us. The first is the continuous low barriers to entry for would-be Cyber Criminals. This has been due to hacking tools and access to vulnerable networks becoming rapidly more available to the wider criminal community. Wider availability of hacking tools leads to an increase in threats to organisations. This means the importance of up-to-date cyber security is ever growing.

Another threat that has been present this year is the number of criminals learning from past ransomware operations. This learning has led to the development of new threats in the wider criminal community.

Thirdly the report is the commodification of what once would be considered “advanced persistent threat” tools and tactics. Again, this takeaway underlines the threat to organisations. When more people have access to the tools needed to hack systems (combined with the low cyber security barriers) this is a simple increase in risk to any computer network. More tools= more perpetrators = more attacks.

Findings from the Geopolitics of Cyber Security

The report touches upon the challenges that Geopolitical conditions have placed upon fighting cybercrime. Recently, the relationship between the US and China has become tenser. This has led to China ending their cooperation with US law enforcement in fighting cybercrime. This weakens the security of the two nations and provides a window of opportunity for hackers.

China has also increased its crackdown on domestic cryptocurrency scams and other cybercrime. The crackdown led to Chinese-Language criminals shifting towards exporting these criminal operations. This poses a greater threat to countries other than Russia which is relevant to this report as the UK may be an area that is targeted instead.

The war in Ukraine did have a brief negative impact on the activity levels of ‘Russian Language Crime’, but they have since picked up again. This shows just how persistent cyber threats are as the threats quickly resumed.


There is no sure defence against all threats, an active defence is required to prevent any incursions from doing damage. The defence required is quite substantial and is often too large for many organisations to shoulder themselves.

Cyber Threats are continually evolving and are an ongoing process, it is simply too much work for most organisations to bare themselves. Sophos is continually working to increase their capabilities to aid organisations of all sizes against the continually evolving threats.

The use of a trusted Cyber Security Team, can help you to stay safe against constant threats.

If reading our review of the Sophos 2023 Threat Report has opened your eyes to the potential of our Cyber Security service, then get in touch today we will be happy to get a meeting booked in to discuss further.

Want to read the full threat report?

You will be asked to provide contact details before you can access the downloadable file above.

Read More

Are we looking at the end of passwords?

19 December 2022

Is this the end of passwords?

National Computer Security Day- November 30th 2022

10 November 2022

This month hosts National Computer Security Day. We take a quick look at the aim of the day and how best to celebrate in your business.

Employee or Employer; Where does the cyber breach responsibi...

12 October 2022

Cyber Security responsibility is a loop; both employees and employers are accountable for preventing a cyber breach.

Calculating Return on Investment of a Project

27 July 2022