February 28, 2023
I know, I know, we are a bit late with this one, but better late than never 🙂
What everyone writing these predictions loves is that no one ever goes back to the predictions you made a year ago and changes your salary based on all the incorrect guesses you made. It really is closer to a freestyle art than engineering: there’s always an assumption that something might not work out in practice.
With this in mind, let’s see what we see whenever we look into our magic crystal ball.
Security Predictions for 2023
System Complexity Will Continue to Grow and It’s Bad for Security
Every year, new layers are added to existing systems, and new systems are created and connected without proper asset management, while people leave organizations without appropriate documentation on how things work. Systems are becoming more complex, but secure systems are simple. Complexity is the enemy of security.
Low-tech, High-loss Attacks Using Unfiltered Channels
As e-mail spam filters become increasingly sophisticated, attackers use new, unfiltered channels to contact their victims. From text messages to encrypted chats like WhatsApp or Telegram, to new and obscure platforms, attackers find new ways to spam people every day. End-to-end encrypted chat messages are stimulating these activities, as running any central spam filtering solution is impossible. It is possible to run the spam filter on the device after the message is decrypted, but it has drawbacks like performance, storage, and security.
Meanwhile, scams like “Business E-mail Compromise“, or “Pig Butchering” liquidity scams can do a lot of damage to their victims. While many low-tech attacks require a lot of involvement from the attacker, they are quite efficient ways of gaining a lot of value from the victims.
Rise and Fall of Ransomware
As it was predicted years ago, more and more people have proper backup solutions with tested recovery procedures. This means fewer and fewer ransomware victims are willing to pay for the decryption keys after a ransomware attack. This forces ransomware groups to change tactics. Now, before encrypting crucial data, attackers also steal important company information, such as e-mails, and try to extort the companies. If they don’t pay, the stolen e-mails are published. This tactic has already worked in some cases, but we expect this to be a less lucrative business than ransomware used to be.
Cyber Insurance vs. Ransomware
Many companies have started looking at the ransomware threat problem straightforwardly: let’s pay for cyber security insurance, and if the company gets hacked, we pay the ransom and move on. Unfortunately, ransomware threat groups quickly figured out what was going on and started collecting information on which companies are insured and the maximum amount they could pay. This changed the game, as cyber insurance fueled ransomware payouts in the past, and some insurance companies started seeing that this was not a good business for them. We’ll need to wait and see how companies deal with this challenge. For a start, we suggest following the basic principles and not getting lost in the daily hysteria. Asset management, network segmentation, and least privilege are not trendy, yet, they can save the day.
Did you know that more and more threat actors have started to pay insiders to get access to company resources? Combine this trend with poor identity management, unrevoked access priviledges, and a single disgruntled/fired employee can become a ticking time bomb.
IoT Attacks on the Rise
Managing IoT devices is complicated because the ecosystem is highly heterogeneous: different types of devices, manufacturers, models, and CPU architectures. Luckily, this means that attackers also have a hard time creating attacks that would work against a significant amount of devices. Nevertheless, we see a trend that IoT devices increasingly use the same 3rd party components, the same operating system (Linux / Busybox), and share the same vulnerabilities.
No crystal ball can predict the future of cybersecurity, but one thing is certain: attackers will not take a break in 2023, and you should stay vigilant as well.