2023 promises much on the horizon with regard to the development of new technologies, innovations, and gadgets. As always, novel threats often lurk in uncharted territory, and this is especially true within the cyber landscape.
What are the things to look out for in 2023 to ensure you stay protected from cyberattacks?
Cybersecurity professionals are becoming increasingly aware of cyber-warfare tactics used by hackers that look to be acting on behalf of nation-states.
Using threat actors to cause disruption is a clever way for nations to act out their malicious intent towards rival states. This is because it’s notoriously difficult to trace cyberattacks back to a proveable source.
Initial success in these methods has cultivated an emboldened approach to veiled attacks from certain states.
In February of this year, the Cybersecurity Advisory (CSA) — a multinational conglomeration of cybersecurity bodies — issued a warning that highlights state-sponsored ransomware attacks from North Korea, targeting US healthcare and public sector services.
In recent years, the strength of Russian cyber capabilities has been well-documented. Russian aggression in Ukraine resulted in blackouts and disruption to the Ukrainian financial and government sectors.
Hacking group, Conti, was an infamous outfit that was notoriously backed by the Russian state. Throughout 2022, Conti went on a spree of attacks in which they successfully infiltrated enough organizations that saw them publish data from 46 different sources in one month alone.
Due to the tensions emanating from the Russia-Ukraine conflict, threat actors are becoming more politically motivated. Consequently, tit-for-tat cyber-skirmishes are becoming more frequent with groups acting on their allegiances.
Although no longer active, it is believed most Conti members have spun off into other ransomware groups. These groups are pro-Russian and seek to act in Russia’s interests. Therefore, any state or group that explicitly supports Ukraine’s cause is likely to be a target of these new outfits.
The implications of state-backed cyberattacks are widely considered so severe and substantial that insurance providers are in discussions with the UK government as to whether its terrorism reinsurance scheme should cover state-backed cyberattacks.
AI & other consumer tools
Threat actors have incorporated consumer tools such as social media, AI, and chatbots into their arsenal.
And one tool that’s particularly in the spotlight is ChatGPT.
ChatGPT is an AI chatbot that’s gained in popularity on the dark web as a vector for writing malicious code. The technology is being hijacked by third-party users that utilize the tool’s machine learning to compensate for the user’s lack of skill, making complex tasks more achievable. In turn, this opens up the possibility of malicious activity to a wider market of people.
When legitimate users deploy AI or ChatGPT, the code will likely work, but it’s not certain that it will be secure, leading to an upsurge in security gaps. This means that security providers will need to proactively target these potential weak spots.
On another note, there have been other security concerns raised with ChatGPT recently, too. The site had to be taken offline when it was found that a bug had caused users to be able to see parts of conversations ChatGPT had with other users. Further to this, OpenAI, the creators of the bot, also said that user payment information may have been compromised.
Although this is nothing to do with the AI component of ChatGPT, it highlights the need for users to be careful when divulging sensitive information online.
Cybersecurity talent gap
Workers with specialization in cybersecurity are becoming increasingly sought after.
The cyber industry has widely acknowledged the importance of robust cybersecurity mechanisms as the evidence for increasing breach events — and their severity — seems to be mounting all the time.
According to the (ISC)2 2022 workforce study, there is still a need for more than 3.4 million cybersecurity professionals and this talent gap is only expected to grow in line with the ever-increasing uptake of cyber technologies.
In short, staff with the right expertise and skills needed to safeguard companies from the very real danger posed by threat actors are crucial for running effective cybersecurity services. If the demand is not met, then the outlook for organizations will be an unsettled one.
The human element
Organizations have caught onto the fact that hackers find it more challenging to breach perimeters that are protected by multi-factor authentication.
In response, threat actors have changed tack and seek to exploit human error instead.
This is illustrated by hackers deploying faux access requests for accounts that are protected by MFA. They look to trick users by inducing human error — a lapse in judgment or concentration that gives the hackers the opportunity they’re searching for.
Phishing exemplifies this methodology. Even the most robust cybersecurity systems can be brought down by an employee unwittingly divulging sensitive information by replying to an email that can look sincere and legitimate.
Threat actors are also leveraging the power of AI to improve the appearance and quality of the text of their phishing lures, making them more and more difficult to detect.
A major source of cybersecurity breaches can be traced back to human error, with roughly a third of events being attributed to employees. Astonishingly, roughly one-third of staff working in the cyber landscape do not even receive training on cybersecurity.
With this in mind, it’s prudent for companies to educate their staff on cybersecurity protocols. Teaching workers about what to look out for and the tell-tale signs of suspicious activity would go a long way in shoring up the defenses of an organization.
AT&T recently had to inform around nine million customers that sensitive information was exposed when a marketing vendor for the company succumbed to a data breach.
While it’s clear that AT&T themselves had protected their own infrastructure, the company had no control over the security measures that their marketing vendor applied. Third-party services become part of the attack surface and their security hygiene can affect the health of the company that they’re partnered with.
This example illustrates the need for a macro view of security hygiene — there are areas that can slip under the radar, but therein lies the opportunity for bad actors.
Choose SamuraiXDR for cybersecurity without blind spots. Request an invitation for the free private beta today!
Download theDownload Now
How XDR can Benefit Retail and E-commerce Stores
29 November 2023 | XDR
Retail and e-commerce sites have proved to be high-profile targets for security breaches. In this post we will outline how...
Cloud Misconfigurations That Lead to Data Breaches
20 November 2023 | Cybersecurity 101
Migration to the cloud has accelerated over the last few years as digital transformation has driven businesses of all sizes...
How Threat Intelligence and XDR Defend Your Business Against Ransomware
17 November 2023 | XDR
Ransomware is a specific and particularly virulent form of malware. The goal of a ransomware attack is to encrypt business-critical...