In 2022, geopolitical unrest and an expanding online attack surface contributed to the emergence of several themes across the cyber landscape. Infrastructures associated with opposing ideologies were highly targeted, with government agencies, supply chains, and IOT devices falling victim to high-profile campaigns. Cybercriminals launched increasingly advanced attacks on vulnerable entities, with DDoS, ransomware, and hacking for a cause all consistently making headlines. And governments around the world began responding with laws and regulations to combat the escalating threats associated with cyberattacks on organizations big and small.
Looking ahead to 2023, Fortra’s security experts anticipate new cyber challenges will emerge, and in return, organizations and authorities will work together to better strengthen their security posture and response to threats. Below is a look at what our cybersecurity experts predict for 2023.
Hacktivism and Geopolitics
The conflict in Ukraine and impending recession are two examples of factors that drove an uptick in emotionally-driven cybercrime and recruitment in 2022. Experts believe that scams associated with current events, such as political instability and war, will continue to trigger emotional responses from bad actors, with government agencies and businesses as prime targets.
The economic downturn will cause negative impacts to the cybercommunity, as history dictates an increase in cybercrime during recessions. Security teams should be on the lookout for scams masquerading as government assistance programs and job recruitment as attackers look to take advantage of job seekers or those otherwise dealing with difficult circumstances. The consequences of online attacks during the recession could be exacerbated if cybersecurity operations experience cuts in an effort to curb costs.
These spending shifts may make it easier for threat actors to recruit insiders as a point of access to company networks. This method of compromising systems will increase as actors opt to pay disgruntled employees for credentials rather than penetrate a network on their own. Additionally, as data is shared more broadly across applications, the implications around who can access that data will become more and more a question of security at organizational and geopolitical levels.
Expanded operational information sharing between private and public entities will become more commonplace as security teams acknowledge the need for broader visibility into situations across the globe and how they may affect their organizations. Attack responses will mature as a result.
Expanded Attack Targets
In 2023, the attack surface will continue to expand for both public and private companies, and daily probings will represent the norm as criminals use tools to scan the internet for vulnerabilities in operational systems and IoT devices. Implementing only one layer of security controls to combat compromise will fail to be sufficient.
Security teams should expect to see phishing emails increase in volume and variety in 2023. Ransomware and malware will remain a consistent threat, and response-based campaigns that fail to flag indicator-based security controls such as BEC and spear phishing will increasingly make it into user inboxes. These attacks prove difficult to detect as they lack links and attachments, instead relying on correspondence-based calls-to-action to make it into user inboxes.
Identity deception will become a significant threat in the new year. Attackers are targeting businesses on external channels such as social media, SMS, and search engines, with criminals leaning heavily on impersonation as a tactic. Threat actors will also embrace Artificial Intelligence to enhance campaigns and determine targets. On a positive note, these unconventional attack methods will encourage the formation of cyber allies across entities to share critical information and tools that will aid in the detection of attacks.
Multi-factor authentication (MFA) will also be the target of increased exploits. Attackers will work to compromise integrity through techniques like verification-grabbing malware and SIM swapping. Organizations should consider implementing passwordless authentication to complement MFA.
Improved Attack Responses
In 2023, attack responses will be improved upon through better controls and progress toward zero trust. Organizations will move past basic controls implemented during the COVID-driven rush to digital transformation and invest time in securing data assets that need the most protection.
Sharing avenues will continue to open between organizations, and knowledge and controls over who has access to data will be prioritized through MFA, monitoring, zero trust, and encryption.
Ongoing training that is engaging and relevant will be critical to helping users identify attacks based on real world incidents and that comply with an organization’s policies.
Threat actors will continue to go after the lowest hanging fruit and target vulnerable entities within the supply chain, investing in mid-sized organizations less equipped from a security standpoint, including credit unions, insurance, and healthcare organizations. As a result, evaluations and audits of supply chains will increase. There will also be a magnifying glass on the vendor base and what is being done with the data provided to them. The expectations placed on vendors will only grow, as they will be expected to solve for multiple use cases.
Laws and Regulations
In 2023, we can expect more cross-government and cross-nation collaborations as cybersecurity is seen as a priority. At a non-federal level, the first round of grants for the $1 billion in FEMA and CISA BIL funding will be available for state, local, and territorial governments to help understand and mitigate infrastructure risks.
More laws and guidance are expected from a federal level, spanning topics from data privacy to ransomware payments, as CISA and the DOD engage in long-term strategic planning. The FTC just announced a new rule addressing the impersonation of government and businesses, which will help with the reporting and removal of offending websites, domains, advertisements, and more in the new year. In Europe, lawmakers will continue to iron out kinks in the General Data Protection Regulation (GDPR) to support smooth data transfer out of the EU.
According to Gartner, three quarters of the world’s population will be under privacy regulations in 2023. From a business perspective, increased presence in the digital space will likely lead to more violations as organizations struggle to navigate compliance and privacy regulations.
Cyber insurance will become a priority for businesses in 2023, as a growing number of customers expect organizations to be policyholders. That being said, market correction due to increased premiums and justification of spend will likely take place, with organizations requiring more from providers.
The increased likelihood of a cyber attack on businesses in 2023 will also contribute to complicated pre-audits and renewal processes, as well as more disputes and reduced payouts. Insurers will continue to implement a growing number of controls on the companies before providing coverage, to make sure customers comply with standards set.
The tactics, techniques, and procedures of cybercriminals will become more differentiated in 2023, as attackers lean toward the end goal of either profit or outcome of a specific cause. These elements will require security teams to continuously examine world events through a broad lens and prepare for how activity might affect their company. As these threats persist, organizations should prioritize cyber security initiatives that will promote better standards and increased awareness of threats. Security teams should also establish more proactive means of securing systems through early detection of vulnerabilities, visibility across relevant channels, and broad controls.