A new year, new cyber threats, methods, protection


Don’t slack on cybersecurity posture: Experts warn that 2023 will usher in new attack methods and models – and continued use of tried and tested cyber threat favourites.

While nearly two-thirds (63%) of cybersecurity practitioners reported spending more on cybersecurity in 2022 than in 2021, attacks continue to proliferate—and accelerate—as cybercriminals become more cunning and their methods increasingly customized.

“Financially motivated crimes such as ransomware, extortion and the sale of access tokens will continue to gain popularity and will be the biggest adversaries in 2023,” said Ben Johnson, CTO and co-founder of Obsidian Security. “With the increase in economic uncertainty, as well as the recent mid-term elections and shifts in power, groups like Anonymous will return and carry out vigilante missions.”

With the holidays fast approaching, and 2023 right behind them, several security leaders are sharing their predictions for the cyber threat landscape—and what organizations can do to fight back.

Willowy security perimeter increases cyber threats

In particular, mobile workplace trends will continue to create new blind spots for businesses, said Patrick Harr, CEO of SlashNext.

With more email protection in place, attackers are increasingly turning to personal communication channels such as LinkedIn, WhatsApp and Signal. And multiple people are working on the same device for their business tasks and their personal lives at the same time, “which is a significant blind spot,” Harr said.

Once a single user is compromised, it becomes just a matter of penetrating laterally through an organization from a remote foothold, he said.

“The single biggest threat to any company isn’t machine security anymore — it’s really the human factor of security,” Harr said. “That’s why these attacks on humans will continue to increase, because humans are fallible.”

Jason Rebholz, CISO at Corvus Insurance, agreed that the shift in cyber trust is being reinforced by changing the outer security perimeter.

“Boundaries are no longer defined by office network location; the outer boundary is now amorphous,” he said. “It extends to the user account, third parties and wherever the organization’s data resides. We have entered an age where networks are formless and data dissemination is almost unlimited.”

And, Harr said, the main causes of ransomware are spear phishing, credential theft and business email compromise.

Another critical area of concern is insider threat, which can be even more problematic during a downturn. This is when an employee, either maliciously or inadvertently, uses their authorized access to steal, share or otherwise disclose an organization’s sensitive data.

“At the end of the day, the security policy should always be to trust nothing,” Harr said, “and to verify everything.”

The rise of as-a-service models

Ransomware-as-a-service (RaaS), cybercrime-as-a-service (CaaS) and malware-as-a-service (MaaS) will continue to proliferate, as they offer hackers – including those with little or no coding skills — low-cost access, predicts Derek Manky, chief security strategist and VP of global threat intelligence at FortiGuard Labs. And new a la carte services will appear.

“CaaS presents an attractive business model for threat actors of varying skill levels, as they can easily take advantage of turnkey offerings without investing time and resources up front to create their own unique attack plan,” said Manky.

At the other end of the spectrum, creating and selling attack portfolios-as-a-service offers easy, fast and repeatable pay for experienced cybercriminals. Threat actors will also begin to exploit new attack vectors such as deepfakes, offering videos, audio recordings and related algorithms more widely for purchase.

Automation of cybercrime

Also, attackers using more targeted methods are likely to hire “detectives” to gather intelligence before launching an attack, Manky said. Reconnaissance-as-a-service offerings can serve up attack patterns, including an organization’s security profile, key cybersecurity personnel, the number of servers they have, known external vulnerabilities, and even compromised credentials for sale, to help a cybercriminal carry out a highly targeted and effective attack.

Organizations can combat this with cybersecurity deception combined with digital risk protection services, he said.

“Enticing cybercriminals with deception technology will be a useful way to not only counter [reconnaissance-as-a-service] but also CaaS in the reconnaissance phase,” said Manky.

Cybercriminals will also soon use (if they don’t already) machine learning (ML) to recruit money-laundering mules. Automated services that move money through layers of crypto exchanges will make the process faster and more challenging to track. Money laundering-as-a-service (LaaS) could quickly become mainstream. Also, watch out for the commoditization of the tried-and-true favorite – wiper malware, Manky said.

“The advent of automation means that money laundering will be more difficult to trace, reducing the chances of recovering stolen funds,” he said. “Looking outside an organization for clues about future attack methods will be more important than ever.”

Threats from nation-state attackers, lone wolves

While there is growing concern about Russian state actors, the biggest nation-state threat to the US comes from cyberattacks from China. The country has set itself the goal of dominating 20 major global industries. The fastest way to achieve that goal is through cyber espionage; cybercriminals can gain access to intellectual property, chip designs and health information, Harr said.

“It’s certainly something we need to be aware of,” he said.

At the same time, don’t underestimate the ability of, say, a 14-year-old lone wolf hacker to infiltrate and compromise an environment and cause lasting damage. This scenario has already played out through social engineering attacks on Uber and Twitter.

“With the proliferation of access to the cloud, automation and shared software repositories, it’s never been easier to be a successful bad actor,” Harr said.

Furthermore, the metaverse, digital twins and other advanced technologies will present new security challenges.

“The metaverse will eventually reach beyond gaming and into almost every aspect of business and society,” Harr said.

This new type of digital interface will present unforeseen security risks – for example, avatars can impersonate other people and trick users into giving away personal data. Also, expect to see more holographic-type phishing attacks and scams as the metaverse evolves.

“People need to fight AI with stronger AI because we can no longer rely solely on the naked eye or human intuition to solve these complex security problems,” Harr said.

Manky agreed that virtual cities and online worlds will become new attack surfaces. While new cyber destinations open up a world of possibilities, they “also open the door to an unprecedented rise in cybercrime in uncharted territory.”

For example, a person’s avatar is essentially a gateway to personally identifiable information (PII), making them prime targets for attackers, he said. Biometric hacking could also become “a real possibility” due to the AR and VR-powered components of virtual cities. This makes it easier for a cybercriminal to steal fingerprint mapping, facial recognition data or retinal scans and then use them for malicious purposes.

And digital wallets, crypto exchanges, NFTs and other digital currencies will be under even more attack, experts agree.

Quantifying cyber threat security risk

“In the midst of all this, cyber insurance will become a core part of understanding cyber risk and building resilience,” said Vincent Weafer, CTO of Corvus Insurance.

Cyber insurers will need a deeper and more dynamic understanding of organizations’ cyber threat risk and IT systems to build resilience, he said. Partnerships with third-party providers will allow insurers to gain greater risk insight and set new expectations for policyholders.

Also, expect to see more investment in quantifying security risks, Corvus’ Rebholz said.

Cyber insurers will lean into partnerships with technology companies to fuse security data with underwriting and risk modeling insights, he said. The net result will be more accurate risk quantification, which will help keep policyholders safer.

“In the new year, building cyber resilience will be a critical priority business leaders will not be able to ignore,” said Weafer. “This can take a number of forms, from developing larger initiatives and partnerships with insurtechs, to building cyber skills through regular staff training.”

Combat advanced attacks with advanced methods

Experts agree that cybersecurity training is necessary — but it shouldn’t be the only line of defense.

Organizations should adopt threat modeling and, especially amid increased regulatory scrutiny, implement compliance programs. Identity verification will also be crucial for success, especially in the metaverse, many say.

Experts expect security solutions to be increasingly enhanced with ML and AI; this can detect attack patterns and stop threats in real time. Backup and recovery tools will also help organizations rethink their security practices.

Expect further advances in proof of identity, passwordless authentication, audit and change control, and adaptive risk-based orchestration, experts say. Also, expect Kubernetes platforms with security built in as standard to become the norm.

Ultimately, it’s about implementing broad, integrated, automated platforms and tools, Harr said.

And, he emphasized, “just remember that your people are the most attacked vector and the most unprotected aspect of your security posture.”

CISA is growing into its own

The Open Source Security Foundation offered “prescriptions” for the year ahead: Industry and government must be vigilant to protect critical infrastructure from cyberattacks, as producing software bills of materials (SBOMs) will now be enough to secure the software supply chain.

In particular, “the government must make cyber security a civic duty by 2023,” according to the cross-industry consortium.

Obsidian Security’s Johnson agreed, saying the Cybersecurity and Infrastructure Security Agency (CISA) “came into its own in 2022.”

“Next year we will see CISA driving better, more robust security, particularly in critical infrastructure – increasing the maturity of the sector as a whole,” he said.
