Cyber Security Predictions For 2023

Just a year ago, predictions for 2022 picked out the proliferation of ransomware as a deadly threat to business, alongside the vulnerability generated by new ways of remote working in the hybrid environment. Following the turbulence caused by Coronavirus, more organisations were negotiating the challenges of migrating their network infrastructures to the Cloud.

Another consistent theme was the chronic shortage of talent in the form of skilled cyber security professionals supported by a trained, security-aware workforce. What's the picture for 2023?

The predictions from one expert, Andy Harris, the CTO of security automation firm Osirium, repeat these themes, but with some unpleasant variations, as criminal hackers work together, evolve and become more capable of targeting victims in specific sectors, all sharpened by events in Ukraine.

Hacker teams offering ‘Victims-as-a-Service’ will rise. 

“For the last couple of years, threat actors have been team-based. Before cryptocurrency, they were lone wolves – or, occasionally, a loosely connected group who’d met online. Then they started working in teams, and because they were paid money those teams became tightly bonded. Over the next year we’ll see more teams divide out into skills-based groups.
 
REvil demonstrated how successful the ransomware-as-a-service model could be, offering an end-to-end solution for attackers that included encryption software, access tools, helpdesks for victims, payment services and much more. But there’s still a market for smaller teams that focus on specific attack skills. For example, they may breach defences to acquire user or admin credentials, or even install malware to provide back door entry for use at a later date. They don’t have to take on the risk of executing the attack or handling payment; they can make good money just by selling the access on dark web marketplaces. 
 
Company intelligence may be another specialist service. For example, knowing what cyber insurance a potential victim has could reveal the kinds of defences they’ll have in place and even how much they’re insured for, so ransomware demands can be tailored. New details emerging around the MediBank breach story give an insight into just how much information and access is up for sale on the dark web. 
 
It will become more crucial than ever that organisations protect their endpoints to reduce the attack surface, and restrict access credentials – especially those that allow key changes to be made, or enable lateral movement across systems and networks – to only those individuals who need them and for only the time they’re needed.” 
 
Ransomware attacks will shift to smaller targets – and the education sector. 

“Ransomware will always go where the maximum reward and minimum risk is. Attackers will target organisations that have the lowest defences, or the least resources to defend against or recover from an attack, as they’re most likely to pay. State actors will still go after large institutions like the NHS, which implement robust defences, but there are many small to mid-size companies that invest less in protection, have limited technical skills, and find cyber insurance expensive, all of which makes them easy targets.
 
We can expect smaller scale attacks, for lower amounts of money, but which target a much broader base. The trend will probably hit education providers hard: education is already the sector most likely to be targeted by a malware, cryptojacking or encrypted attack, according to SonicWall’s 2022 Cyber Threat Report.  
 
For instance, every school in the UK is being asked to join a multi-academy trust, where groups of schools will be responsible for themselves. With that change comes great vulnerability. This ‘network’ of schools would be a prime target for ransomware attacks; they are connected, and they’re unlikely to have the resilience or capabilities to protect against attacks. They may have no choice but to reallocate their limited funds to pay ransom demands which, in turn, will affect their teaching.” 
 
Attackers will refocus on ransomware as the Ukraine conflict winds down. 

“The rate of growth in ransomware attacks is currently slowing slightly – but this will prove to be a false dawn. Currently, the most successful teams of cyber-criminals are being focused on attacking Ukraine’s critical infrastructure. The second that conflict is over, all the technology, tools and resources will be redeployed back into ransomware attacks – so organisations and nation states alike must not become complacent.”
 
Cyber insurance will become a board-level issue. 

“Cyber insurance will get more expensive, and more difficult to acquire, with increasingly heavy requirements on clients to take all necessary and reasonable precautions before they can buy it. Insurers are also less likely to pay out – and the more claims there are, the more they’ll push back.
 
As a result, more organisations may decide not to take out insurance at all, instead focusing on ploughing resources into protection. If this happens, we can expect to see insurance companies partnering with big consulting firms to offer joined-up services. Rule no.1, insurance always wins!
 
Pointless it may be, if insurers are never going to pay out…but buying cyber insurance may simply become a necessary cost of doing business – a box that must be ticked to demonstrate to shareholders that all steps are being taken to protect the business, and ensure resilience and continuity.  
 
Proof that privileged access credentials are being protected is one of the requirements increasingly being demanded by cyber insurers. Organisations should invest in solutions that will manage these powerful accounts, without impeding the productivity of their employees.” 

Andy Harris is Chief Technology Officer at Osirium
