PL
DE
UK
The world is now more dependent on technology than ever. However, technology also brings with it more and more dangers. Cybercriminals are not idle and are looking for more and more ways to defraud, phish for data and money. Even small vulnerabilities in software security can make things much easier for hackers. Looking at this year, we can already draw conclusions about what cyber security will look like in 2023. So what are the predictions? What will be targeted more often? What extortion methods will hackers use?
Increasing attacks on authentication
First of all, it can already be said that attacks on identity authentication and access management, or IAM, are likely to become more frequent. Many of these attacks will be successful. Already, many cybercriminals have learned how to bypass or steal the tokens used for two-factor authentication. But there are other situations, such as overwhelming victims with requests like MFA fatigue attacks. This can lead to successful logins without even needing to exploit a security vulnerability. This is all unfortunately related to the still too little attention paid to passwords, which are still too weak, too short and repetitive. Finally, it is necessary to understand how authentication works and who gets access to the data.
Further evolution of ransomware
The threat from ransomware is still strong. Ba, it is evolving. Despite the apparent changes associated with greater data exfiltration, hackers continue to professionalize their operations. They are expanding their operations to other operating systems besides Windows and Android, namely Linux and macOS, and using new programming languages such as Go and Rust. So the number of attacks will be higher because they pay off, and even more so when cyber insurance covers some of the losses associated with an attack. Hackers will try to uninstall security software, delete backups or disable disaster recovery plans, and “Living of the land” techniques will play the biggest role.
More and more viruses stealing data
Phishing malware is already a standard among cybercriminals creating and spreading viruses. Stolen information includes credentials, later sold for further attacks, and the growth of data and the complexity of related cloud services, effectively make it harder to control data through encryption and protection. A stolen software access key is enough to get all the data. This will lead to advances related to data processing while maintaining privacy.
Not just phishing anymore
Millions of scammers continue to send e-mails aimed at phishing, that is, to defraud by pretending to be a particular institution. This situation will not change soon, and there may be even more attacks. However, scammers are already beginning to go beyond just email phishing and use other communication channels, such as text messages, Teams and Slack, to evade filtering and detection. Proxy servers will also continue to be used for phishing, to capture session tokens, and use redirects in the form of QR codes, for example, to better hide.
More attacks on cryptocurrencies
There is no imminent end to attacks on cryptocurrency exchanges or smart contracts and blockchain systems. Even cybercriminals who attack state organizations are attempting to steal cryptocurrencies, with up to hundreds of millions in digital currencies falling prey to them. Attacks are and will continue to become more sophisticated, and will include smart contracts, DeFi solutions or algorithmic coins, becoming a complement to traditional attack methods, namely phishing and malware.
IT services, consulting, and others the way to attack organizations
Service providers in IT, consulting and other IT fields are increasingly vulnerable to cyber attacks. The security of their services is being compromised, as cybercriminals abuse installed tools, such as PSAs or RMMs, to gain access to the resources of the victim, the organization for which the service provider works. Such external actors are the weakest link in an organization, so hackers don’t have to agonize over painstakingly devising plans for entire attacks on software supply chains.
Browser attacks
Cybercriminals have also recently taken aim at browsers. They attack in or through it, and attacks are and will be carried out from the session level. Malicious extensions will be used for them, which will, for example, swap transaction addresses or steal passwords in the background. In addition to this, there is also an apparent trend to take over the source codes of browser extensions and add backdoors to them, e.g. via the GitHub repository. Web portals, too, will continue to track users via JavaScript and provide session IDs via http links to marketing services. Hackers will also develop Formjacking/Magecart techniques to steal data through small added snippets in the background of the original site. Analysis of such attacks, in turn, will become increasingly complicated due to the development of serverless processing.
Cloud automation a field for attacks
Nowadays, everything – data, processes, infrastructure – is stored in the cloud. And it will continue to be so, with everything starting to become more and more automated. Many IoT devices will form a hyper-connected cloud of services. So many APIs will be available on the network, which will make the number of attacks against them higher. Through automation, we may have to deal with attacks on a really large scale.
Threat to business processes
Cybercriminals have no shortage of ideas for modifying business processes to make even greater profits and gains. These include, for example, changing the recipient’s bank account details in a given company’s billing system template, or adding an attacker’s cloud tray as a backup location for an email server. Most often, these types of attacks are carried out without the use of malware. Careful analysis of user behavior is also necessary.
AI development will boost fraud
AI, or artificial intelligence, is increasingly being used by smaller and larger companies. Advances in the creation of synthetic data will result in increased development of scams involving identity theft or disinformation through the use of fake content. Even more worrisome will be the trend of attacks on AI and ML models themselves. Cybercriminals will attempt to exploit vulnerabilities in these models, deliberately implanting bios, or biases, into the dataset, or using triggers to flood the environment with AI alerts.
What actions will be taken for cyber security in 2023?
Above all, it is expected that more and more countries around the world will enact laws with an emphasis on privacy and data protection. The world will move toward granting individual data rights to consumers, such as the right to access, correct, delete or back up data held by a company. 2023 will also be the year of new systems for managing corporate cybersecurity. Tools including 24/7 monitoring, root cause analysis or critical alerts, which are core functions of protection systems, will be sought and implemented.
What can be done to protect against attacks in 2023?
Forecasts show increasing advances in attacks and newer ideas of hackers related to the development of technology. Therefore, data protection needs to be given even more attention. Above all, it is not worth saving on it. It is necessary to have modern protection and antivirus software, as well as to build awareness of both the organization’s employees and customers about Internet security.
It’s not worth saving on anything, as it can only end in unnecessary losses and problems. It is definitely not worth saving money to work with external service providers providing internet, hosting, domains, software, etc. It’s worth thinking carefully about choosing such companies, reviewing reviews from other customers, as it’s the external companies that will be the targets of attacks in 2023. If you are looking for high-quality and secure services related to Internet access, corporate networking, as well as hosting and domains, ITH and KRU are an excellent choice. By using these services, you can rest assured that the data your company collects will be safe and the risk of attacks will be minimal.