As we move into 2023, cybersecurity threats continue to evolve and become more sophisticated. It’s essential for individuals and organisations to stay informed about the latest threats and to take steps to protect themselves.
This article will discuss some of the biggest cybersecurity threats to look out for in the coming year.
Experts believe these threats will pose the greatest risks in 2023, ranging from ransomware attacks to phishing scams and cloud security breaches.
You can help keep your personal and professional data safe and secure by understanding these threats and taking precautions against them.
Pieter Danhieux, CEO and Co-Founder, Secure Code Warrior
2022 saw significant threat activity against targets in the healthcare industry, resulting in that vertical experiencing the highest increase in volume of cyberattacks across all sectors, at 69% year over year. Sadly, I think that will continue, largely due to the complex, legacy systems so often in place.
With healthcare institutions requiring fast-paced digital transformation and maintenance like any other industry, it is all too easy for access control errors, misconfigurations, and other known exploits to go unpatched.
A threat actor needs just one window of opportunity to inflict serious damage, and for organisations who are not putting their best defensive security strategy forward – which includes frequent and precision training of the development cohort – it’s hard to see this changing.
In addition, we cannot ignore the fact that there is an ongoing conflict between several world superpowers, and modern warfare has an increasingly digital front.
Nation-State attacks will become more prevalent to cause chaos and interference, and are likely to target telco, health, finance, and utilities enterprises to disrupt key economic pillars and manipulate public opinion.
Markus Nispel, EMEA CTO, Extreme Networks
As automation and AI for IT operations (AIOps) are two advanced key areas of technology to invest in, this will also require some level of investment in basic programming and data engineering skills.
Development of these skills is vital in order to better understand the concepts of machine learning and AI – not only for what it can do in terms of networking and security, but also how this technology can assist, enable and maximize the return on investment that organizations get from their digital transformation journeys. What’s more, employees that can act as the “interface” between business and IT are key assets in those digital transformation journeys.
Additionally, given the increasing dependency on networking infrastructure, companies should also prioritise investing in security skills. In particular, security awareness for the entire employee base is very critical for companies today.
As more businesses embrace and rely on digital technologies to keep their workforce and business operations connected, cyber threats will only grow in sophistication, requiring highly-skilled talent with the right knowledge to keep evolving technology secure.
Fleming Shi, Chief Technology Officer, Barracuda
Russia’s invasion of Ukraine this year revealed the modern digital battlefield. Most notably, we have witnessed an increased use of wiperware, a form of destructive malware against Ukrainian organisations and critical infrastructure.
The frequency has dramatically increased as we saw WhisperGate, CaddyWiper, HermeticWiper, and others hitting the news since the war broke out. Unlike the financial motivations and decryption potential of ransomware, wiperware is typically deployed by nation-state actors with the sole intent to damage and destroy an adversary’s systems beyond recovery. In addition, in 2023, wiperware emanating from Russia will likely spill over into other countries as geopolitical tensions continue; and hacktivism by non-state actors seeking additional measures to exploit victims.
To ensure business continuity despite an attack, organisations must focus on full-system recovery that provides operability of the entire system instead of just data. For example, a speedy restoration of the virtual version of a targeted physical system will dramatically improve the resiliency of your business against wiperware or other destructive malware attacks.
At the same time, throughout 2022, the major ransomware gangs—LockBit, Conti, and Lapsus$—were behind blockbuster attacks, keeping them in the headlines. But in 2023, with the ransomware-as-a-service business model taking off and the recent build leak of LockBit 3.0, a new generation of smaller and smarter gangs will steal their limelight.
During the year, organisations will experience an increased frequency of ransomware attacks with new tactics, and those that aren’t prepared will make headlines that devastate their business and reputation.
Chris Thomas, Senior Security Advisor, Asia Pacific and Japan, ExtraHop
With the rise of supply chain attacks, organisations will need to be smarter about vetting third-party vendors. A potential contractor’s security posture and network security strategy will be a determining factor for doing business. Vetting will also need to extend to understanding third-party dependencies in a developer’s code. For example, do you know where that countdown widget on your website really comes from?
What code is in it and what is it accessing? Security teams will need to update their strategy to include vetting even the simplest integrations to secure their framework.
At the same time, in 2023 we will continue to see an increase in fake virus advertisements, phishing emails or texts. Attackers have become so creative and they are now mimicking legitimate precautionary notices and capitalising on well-publicised breaches – like Optus and Medibank in AU.
These lures and tricks are so convincing that even some of the most tech-savvy professionals are falling victim to these schemes. High-profile breaches will continue to be the “gift that keeps on giving” for attackers.
Dean Hager, CEO, Jamf
The same leadership philosophy that leads to employee spy-like tools also leads information security teams to lock down technology — in the name of greater security — to the point that it no longer achieves the goal it was deployed to achieve in the first place: to simplify work.
IT security policies that render technology unusable will ultimately make organisations less secure. After all, employees will not tolerate delivering less than their best.
As such, if IT and Info Sec teams do not provide a path to productivity, employees will find one — most often by using their unsecured personal computing devices. This reality will lead to security policies that preserve consumer-like user experiences, promote employee device choice programs, and embrace and rethink BYOD.
As money becomes tighter over the next year, BYOD programs that make sense will be pursued, because the alternatives, carrying two phones and work apps being accessed on unprotected personal phones, are both problematic.
Organisations must present a compelling solution, such as partitioning a personal device to protect personal privacy and work, or else people will find a way to be productive with or without IT approval. IT and Security teams will need to work together on implementing new technology that empowers productivity, protects privacy and fades into the background.
Kevin Kirkwood, Deputy CISO, LogRhythm
Asia-Pacific (APAC) organisations are at the forefront of open-source software adoption, having observed growth amid the pandemic. However, the imperative concern of open-source security ensues.
With the region’s high reliance on open-source software, organisations are likely to be perceived as prime targets of cyber threats from supply chains. In 2023, we will see bad actors attack APAC’s vulnerabilities in low-hanging open-source vendors to compromise the global supply chain that utilises third-party code.
In recent years, hackers have become more strategic in exploiting open-source software and code, so 2023 will be no different. Bad actors examine the code and its components to thoroughly understand its flaws and the most effective ways to exploit them.
Most folks think of ‘supply chain attacks’ as an attack on the physical pipeline that will prevent one from producing physical products. Software supply chain attacks are similar in nature to the physical world.
Developers use libraries, executable code and code snippets to complete their software products. If those elements are compromised and malicious code is introduced to those elements, the end product produced becomes a vehicle for threat actors to compromise the product and potentially gain entry to the system that houses the software.
Blindspots to surprise businesses as they cut corners to make ends meet in uncertain economic times
In tough economic times, an organisation’s C-suite will be focused on cutting what they perceive as non-essential costs and carefully analyse what they would choose to protect from a business perspective.
However, as organisations balance between international turning points and scaling down operations, threats will inevitably continue to evolve as cybercriminals take this chance to up their attack game during the recession.
Therefore, it is crucial that all organisations, regardless of sectors, take on proactive security strategies, adopt frontline prevention and detection technologies together with other security tools that provide pre-emptive capabilities.