Our thoughts on the cybersecurity landscape in the coming year are based on insights gleaned from CYE’s experts. Based on our extensive data, CYE’s 2023 predictions bear in mind the realities of 2022 that will continue to feature prominently in 2023. These truisms are that threats continuously evolve, that attackers become more sophisticated and powerful as time goes by, and that cybersecurity professionals must keep up with the changing tactics of malicious actors.
With that said, let’s dive into what we can expect to see in the year ahead.
1. Focus on Disruption of Business
Extortion will continue to be a significant attack motive but will be offset by attacks for the sake of creating disruption without immediate monetary gains, forecasts Reuven Aronashvili, CYE’s founder and CEO.
Attacks carried out for the sole purpose of disruption will serve as a training ground and testing environment for new hackers and will be used as an initiation protocol by veteran hacking groups. We can also expect these attacks to become a means for new hacking groups to get noticed and build up their reputations, as well as to develop affiliate work and partnerships.
2. A Shift in Ransomware Crimes
Ransomware will continue to be the foremost way for cybercriminals to gain access to victims’ networks and will continue to affect medium to large corporations and government institutions. But with a more aggressive stance taken against ransomware in the U.S., criminals may be deterred and move ransomware-as-a-service (RaaS) to targets in Europe.
Ransomware and extortion tactics will also grow more personal in 2023, putting not only companies, but executives and board members at risk of attack.
“Extortion of personal data and credentials and sextortion will affect business executives, public figures, their families and friends,” predicts Aronashvili. This will bring about a growing need to provide security for executives—from home networks and environments to personal devices and accounts.
3. Continued Rise in Supply Chain Attacks
Supply chain attacks will increase throughout 2023 due to the efficiency they offer. Building on the unique capability of affecting multiple victims through a single attack route, these attacks will grow in sophistication and magnitude.
We can expect to see supply chain attacks executed by independent actors as well as by cybercriminals hired and backed by governments and state organizations, predicts Aronashvili.
4. Evolution of the Hacker Profile
We have become accustomed to thinking of hackers as organized entities operating on behalf of governments or backed by organizations. The attacker profile will change in 2023.
Security specialists are expecting to see the age of hackers drop dramatically and a shift in their motivations. Malicious actors will no longer be driven only by monetary gain. As their age drops, we will see their goals focused on earning bragging rights and garnering respect among hacker peers.
5. Countries to Watch Out for
From a geopolitical perspective, 2023 may be the year local conflicts go global and expand to include additional state and non-state players, explains Lior Bar-Lev, CYE’s VP Strategy and BizOps.
We will see an increase in cyberattacks coming from superpowers or superpower-affiliated attack groups aimed at civilian infrastructure and military facilities. These attacks will attempt to undermine and disrupt civil society and will cause harm on two counts:
- In the narrow sense, they are likely to expose new zero-day vulnerabilities that require immediate patching. The targets of such attacks will be critical infrastructures like cloud or DNS, or physical entities like plants, airports, and water supplies. These attacks have likely been planned in advance for 2023.
- In the wider sense, the ripple effect of such attacks will affect many more services around the world.
The countries to watch out for in 2023 will not vary drastically from the countries that have consistently displayed hostility towards Western entities. However, according to the Mandiant Cybersecurity Report and ESET APT activity report, the threats they pose will become more nuanced.
Russia
The Russian-Ukrainian war has effectively already become a Russian-Western war, with democratic countries assisting Ukraine in its resistance. The third-party intervention in the Russian-Ukrainian battlefield opens up a new type of warfare. Cybercrime that falls just below the threshold of jus contra bellum, the International Humanitarian Law against war, has probably been deployed by Russia on its adversaries for some time, and the Western countries’ intervention might cause an increase in such attacks, notes Bar-Lev. This type of third-party alliance and potential retribution may also be at play in the China-Taiwan tension, he adds.
With Russia gradually running out of weapons, we are likely to see a renewed turn to cyber activity in an effort to continue disrupting Ukrainian civil life. Infrastructure and OT will be at the top of the target list. Security specialists also expect Russia to expand its malicious activity beyond Ukraine to neighboring countries.
China
China’s cyber activity will also rear its head in 2023 to advance the country’s national security and economic interests. Cyberespionage and intelligence collection will be China’s core activity and its primary targets will be global organizations in the public and private sectors.
Iran
Like China, Iran will continue to pose a cyberthreat to Western entities. Iran’s primary targets in the year to come will remain Middle Eastern governments and national entities.
North Korea
North Korea’s political and economic isolation, combined with public health challenges, will inform the country’s cyberattack policy, which will be directed mainly at the U.S., Japan, and South Korea.
North Korea is taking an interest in pharmaceuticals as a key industry on which to focus, and security specialists are warning global pharmaceutical companies of attack threats.
Preparing for 2023
Making it through this year unscathed is going to be about awareness and foresight. Companies of all sizes will either be directly in the line of fire or be second- or third-degree potential victims of cybercrime. The threats will affect public as well as private entities, and individuals as well as organizations. This means that everybody should be doing what they can to assess cyber risk, build effective security plans, reinforce security measures, and have incident response plans ready to execute immediately. This approach will help companies stay ahead of the threats and come out of 2023 stronger and more secure.