Threat experts share their cybersecurity predictions for 2023

Cuba has published its first cybersecurity law, a measure that critics have dismissed as a tool to limit political and civic freedoms – © AFP/File STEPHANE BENTURA

How will cybersecurity develop as we approach 2023 and what are the likely key trends for the coming year, both in terms of the threat landscape and the types of technologies and processes companies will need to develop to to defend oneself ?

To get an overview, Digital diary spoke with experts at LogRythm. From these conversations, a disturbing emerging trend emerges: Cyberattacks will thrive in an economic downturn.

It is also likely that there will be changes in tactics in terms of what cybercriminals do. For example, ransomware operators are set to replace data encryption with corruption.

The first expert in place is Kevin Kirkwood, Assistant CISO. Kirkwood begins by identifying the top business target: “Supply chain attacks will continue to be one of the biggest threats to businesses using open source software.”

It follows, says Kirkwood: “Organizations should be on high alert for supply chain attacks if they are using open source software. In recent years, hackers have become more strategic when it comes to exploiting open source software and code. 2023 will be no different. Bad actors examine code and its components to gain a deep understanding of its flaws and the most effective ways to exploit them.

To stay ahead of the curve, Kirkwood recommends taking a broader base of thinking: “Most people think of ‘supply chain attacks’ as an attack on the physical pipeline that will stop people from producing physical products. Software supply chain attacks are similar in nature to the physical world. Developers use libraries, executable code, and code snippets to complement their software products. If these elements are compromised and malicious code is inserted into these elements, the end product that the developer has produced becomes a means for threat actors to compromise the product and potentially gain access to the system that hosts the software.

These vulnerabilities fuel recommendations for business activities: “In 2023, we will see malicious actors attacking vulnerabilities in open source vendors at their fingertips with the intention of compromising the global supply chain that uses third-party code. Attackers will infect open source repositories and chrome stores with malicious code and wait for developers and other end users to show up and grab new sources and plugins. Without a robust scanning program and an “organized zone” for source code and plugins, businesses will continue to be at risk.

Kirkwood is also concerned about the current economic situation, noting that during an economic downturn, cyberattacks will thrive. He notes, “When it comes to malicious attackers, organizations need to be acutely aware that we’re not talking about machines or software on the other end, we’re talking about creative human beings who are driven and will do whatever it takes to achieve their goal of receiving more money.

Kirkwood adds, “As organizations balance international turning points with Russia’s war in Ukraine while downsizing their operations, threats will inevitably continue to evolve as cybercriminals seize this chance to up their attack game during recession. Therefore, it is crucial that all organizations be proactive with their security strategies and adopt endpoint technologies and other security solutions that provide preemptive capabilities.

The second expert is Andrew Hollister, CISO. Hollister fears that ransomware operators will stop encrypting in favor of corrupted files. As he explains, “Ransomware has been a continuously developing attack vector over the years and is perhaps the single common threat keeping all CISOs up at night. In 2023, we will see ransomware attacks focus on corrupting data rather than encrypting it.

Elaborating on these risks, Hollister notes, “Data corruption is faster than full encryption and code is immensely easier to write because you don’t need to deal with complex public-private key management or provide code. complex decryption to reverse the damage. once the victim has paid. Since almost all ransomware operators already engage in double extortion, i.e. exfiltrate data before encrypting it, the option to corrupt data rather than engage in encryption effort has many attractions. If the data is corrupted and the organization does not have a backup, this puts the ransomware operators in a stronger position, as the organization then has to either pay or lose the data. Therefore, the importance of backing up critical business data has never been greater. »

Hollister also predicts a trend to take place with IT. Here, cybersecurity budget conversations will focus on securing critical business assets.

Looking at the drivers of this, Hollister notes, “During difficult economic times, an organization’s management will focus on reducing what it perceives to be non-essential costs. It is critically important that when leaders think about cybersecurity budgets, they take the time to carefully analyze and understand what they are protecting from a business perspective.

This leads Hollister to its final recommendation: “As cyberattacks continue to increase, I anticipate that more and more organizations will redouble their efforts on frontline prevention and detection technologies to stay safe and aim to consolidate cybersecurity tools wherever possible.”

Comments are closed.