2023 cybersecurity predictions – a turbulent year ahead for the industry?
From the Lapsus$ group’s extortion spree and Russia/Ukraine hacks to the Conti ransomware attack and supply chain vulnerabilities, it has been yet another busy year for security teams.
No wonder IBM’s Cost of Data Breaches Report 2022 reveals the average total cost of a data breach has increased again to $4.5m, whether ransomware is involved or not.
As we head into 2023, security decision makers should get ready to face another turbulent year, especially as geopolitical tensions escalate. Here are some of the top trends and predictions they should be watching out for:
- The healthcare sector will remain a primary target—Healthcare providers and hospitals have long been a favourite target of bad actors because the chances of success in this sector are higher. As Dirk Schrader, VP of Security Research at Netwrix, said in this article recently: “The first two years of the pandemic exhausted the industry. With patient health being the main priority for these organizations, IT security resources are often too stretched and are focused on maintaining only the most necessary functions. Plus, the high value of data gives cyber criminals better opportunities at financial gain: they can either sell stolen sensitive medical information on the dark web or extort a ransom for ‘unfreezing’ the medical systems used to keep patients alive.”
In the first half of 2022, the US health department data indicated there have been 337 breaches in the country alone. Similarly, in France, cyberattacks targeting hospitals have increased by 70% from 2020 with 380 reported last year. With an ever-shrinking healthcare labour force across the WHO European region, it’s unlikely attacks on this sector will relent in 2023.
- Cybercriminals will be launching more MFA bypass attacks—Cybercrime groups have been stepping up their efforts to target MFA (multi-factor authentication) methods in order to gain access to accounts, the recent Uber breach being just one example. According to Okta, MFA attacks are at their highest levels ever. In the first 90 days of this year alone, its network logged roughly 113 million attacks targeting MFA. Whether it’s through financial aggregator sites, SIM swapping, social engineering or phishing attacks, cybercriminals’ tactics to bypass MFA are becoming more sophisticated and we’ll surely see them being used even more next year.
- Professionalisation of Refund Fraud-as-a-Service will continue to rise in popularity—As shown in the rise of ransomware-as-a-service attacks, cybercrime has shifted to a service-based economy and enabled several new professionalised hacking services to rise in popularity over the last few years. The latest one is Refund Fraud-as-a-Service.
Refund fraud is the abuse of refund policies for financial gain and costs e-commerce businesses more than $25 billion every year. Those interested in committing refund fraud can outsource the process to professional social engineers. According to Netacea’s Threat Report, in the first three quarters of 2022, over 540 new refund fraud services were identified.
- Ransomware tactics will start to shift – A new report from US security companies Cyderes and Stairwell of the Exmatter-like malware shows ransomware groups have started testing ‘data destruction’ attacks meaning that instead of encrypting data for ransom, attackers simply corrupt and delete files. Immanuel Chayoya, Emerging Threat Detection Expert at SonicWall said in an interview with SC Media: “It is difficult to attribute motivations behind it but rising geopolitical tensions can be a significant factor contributing to the new tactic.” This new method of cyber extortion is very worrying and should be something companies must keep an eye on.
Although the future looks bleak, there are steps organisations can take to deal with these threats, protect all layers of cybersecurity and improve their security posture. Here’s one notable “boring but really important” change they must implement: https://www.zdnet.com/article/this-one-change-could-protect-your-systems-from-attack-so-why-dont-more-companies-do-it/.