As we enter 2023, the cybersecurity threat landscape can be described as being in a state of “in-between.” The disruption caused by the COVID-19 pandemic has subsided, but the world has yet to fully emerge from it. The shift of company assets to digital environments has resulted in complex, multi-layered digital spaces that are prime targets for cyber adversaries looking to exploit any lack of visibility.
To help organizations prepare for the coming year, Trend Micro has identified key trends and predictions that will help C-suite executives and cybersecurity professionals to better defend digital environments across different types of organizations. These insights will be crucial in raising awareness about the digital attack surface for the year ahead and help organizations to strengthen their cybersecurity posture.
Shapeshifting ransomware business models will become a bigger avenue for data theft and blackmail
The ransomware arena is set to undergo major upheavals in 2023, with malicious actors seemingly beset on all sides: international law enforcement has been cracking down on ransomware activity with the promise of cybercrime-related sanctions. On top of these decisive blows to their notoriety, Trend Micro foresees that the double extortion tactics that were widely adopted among ransomware circles will no longer be the devastating one-two punch they once were, as defenders will continue to build resilience to ransomware attacks.
However, ransomware actors may adapt by turning their attention to the cloud. With more companies migrating their assets and critical data to the cloud, and Gartner projecting that worldwide spending on public cloud services will reach up to US$592 billion in the coming year, the criminal element will have little recourse but to follow cloud adopters if ransomware operations are to stay relevant and profitable.
Inconsistent application of cloud technology will hurt enterprises as adoption of new tools increases
In the past three years, enterprises have rapidly adopted cloud technology to support remote work and contactless solutions. This trend is expected to continue in 2023, with Forrester projecting a significant increase in cloud adoption in the financial and regulated sectors. As a result, businesses must be prepared to address security issues related to the inconsistent implementation and misconfiguration of cloud technology.
One potential attack surface to watch out for is cloud application programming interfaces (APIs) on connected cars. Many new car models have built-in embedded-SIMs (eSIMs) that are used to transmit telematics data, communicate with back-end cloud servers, and create Wi-Fi hotspots, among other functions. As cars become increasingly sophisticated computer systems, it is crucial that they are secured with the same care as enterprise systems to protect against any potential vulnerabilities.
The enterprise perimeter will expand into the home as users become more comfortable in a hybrid work environment
While hybrid work arrangements were not unheard of prior to the COVID-19 pandemic, gone are the days when a company’s security posture was limited to on-premises networks, with more organizations embracing flexible work models that will be the norm by 2024.
But security gaps are bound to arise from a remote workforce whose devices are constantly moving back and forth between corporate networks and their own home networks. In the year ahead, Trend Micro expects imaginative cybercriminals to take full advantage of hybrid work setups, which are on course to become the status quo, with a surge of attacks involving network-based worms, or to target at-home connections linked to virtual private networks (VPNs) as a means of lateral movement.
Moving forward, enterprises can accommodate the needs of both their in-office and at-home employees with a zero trust approach. Having a zero trust environment in place, where all devices, users, and apps are assumed to be vulnerable, must have their identity explicitly verified, and even then are granted only least-privilege access, cuts down the likelihood of bad actors establishing a foothold in a network.
Social engineering is an evergreen threat that will continue to reach across industry lines and user bases as attackers adopt new technology like deepfakes
As economies and technologies continue to evolve, attackers can always count on human fallibility as a constant. This is why social engineering-based attacks will remain popular in 2023, with a rise in more complex romance scams. Online fraudsters will continue to target lonely individuals, using fake user profiles to lure potential victims into a romantic relationship and trick them out of their money.
Another area where scammers will retrofit traditional techniques with modern tools is in business email compromise (BEC), in which attackers impersonate high-ranking executives over email to defraud a company. This type of scam will continue to plague enterprises in 2023. The market for BEC is expected to increase at an annual compound rate of 19.4%, and although the use of open-source email security software will impede this growth, BEC remains a lucrative criminal venture. Losses resulting from BEC attacks are expected to reach around $2.8 billion by 2027.
Deepfakes will also have a wide range of use cases for cybercriminals in 2023, enabling them to impersonate victims in order to trick banking establishments and cryptocurrency services, or even to create user accounts for identity theft. Businesses must be aware of these potential threats and take measures to protect themselves and their customers.
The hype surrounding digital novelties like NFTs and the Metaverse will keep waning, but the blockchain technology on which they’re built is going to be where the real action is
Though the buzz surrounding digital currencies has also taken a hit thanks to an abundance of scammers seeking to infiltrate users’ crypto-wallets and steal their mnemonic seed phrases, the internet at large won’t completely write these off because they will remain useful for users and attackers alike. Cryptocurrencies like Monero, equipped with privacy features that give attackers more freedom to operate with anonymity, will still be widely used by malicious actors for fund transfers. But considering the volatility of digital currencies, Trend Micro foresees people cashing out to a fiat currency quickly instead of storing funds in their wallets to get ahead of drastic market drops. This change in user behavior will, in turn, motivate malicious actors to carry out more money laundering schemes.
Trend Micro also predicts that cryptocurrency-related attacks will keep coming out of countries where attackers have developed a specialty for targeting digital assets. In 2022 alone, specific hacker groups have been eyed as suspects in high-profile heists, such as the one involving the online game Axie Infinity, whose users can earn cryptocurrency while playing.
Attackers will further capitalize on vulnerabilities and intrude through overlooked attack surfaces like open-source software
Malicious actors in 2023 will be banking on busy companies neglecting to review and replace outdated protocols in their networks — a dangerous oversight that could open the door for cyberattacks.
Overlooked parts of device security, like router use, will also invite unwanted attention from cybercriminals: attackers who want to stay under the radar will likely take advantage of an organization’s lack of visibility over devices connected to its corporate network, especially if the organization has been negligent in updating firmware or maintaining activity logs.
Industrial entities will top off their tech stack, but must contend with staff shortages and new regulations
In the face of a possible recession, companies may be tempted to play it safe, but in times of crisis, opportunity costs are often lower, freeing up budgets for digital transformation without negatively impacting the bottom line. As the economy may slow down in 2023, mature companies will invest in advanced technology such as 5G connectivity, which will open up new use cases and market opportunities for enterprises along their industrial internet of things (IIoT) journey.
Additionally, more original equipment manufacturers (OEMs) are likely to release offerings and solutions that incorporate artificial intelligence (AI). For companies looking to digitize their plants, AI-powered tools promise to be a powerful force multiplier of efficiency, enabling them to better predict customers’ purchasing behaviors and automate complex tasks for human operators overseeing their industrial assets. As manufacturers turn to IT to gain a competitive advantage, malicious actors will also capitalize on this emerging technology to increase their attacks in terms of automation and probing, making offensive AI a looming threat that should be on manufacturers’ radar in the coming years.
The increased integration of IT and OT brought about by these transformative technologies will prove to be a double-edged sword for industrial companies, especially those that keep security strategies for their IT and OT infrastructures separate. While this convergence enables them to monitor their operations more closely, it also exposes organizations to unforeseen threats. In 2023, we anticipate an upward trend in IT-based cyberattacks inadvertently affecting OT systems that are connected to IT networks, and even worse, revealing OT systems as an underutilized attack vector through which malicious actors can move laterally between OT and IT environments. It is crucial for companies to develop a comprehensive security strategy that addresses both IT and OT infrastructure to mitigate these emerging threats.
Enterprises will veer away from the point-solution approach to cybersecurity
In 2023, more and more enterprises will realize the need for a more comprehensive cybersecurity strategy. Many companies currently rely on a variety of disparate, siloed point solutions that address specific threat issues, but these tools are no longer sufficient to protect against the increasingly sophisticated cyberthreats that organizations must contend with, particularly in the cloud-native era.
As a result, demand for a unified cybersecurity platform is likely to increase among organizations that need expanded visibility over their growing assets across various environments, networks, and operating systems. Companies will need to be able to detect malicious activity on a larger scale to fend off attacks from more methodical and professional malicious actors. A platform-based approach that integrates a cybersecurity vendor’s own offerings with third-party tools not only streamlines the user experience but also provides defenders with enterprise-wide visibility and telemetry across their IT infrastructure, allowing them to map out their attack surface.
Looking Ahead to 2023
Trend Micro’s predictions for 2023 outline the trends and risks that will shape the cybersecurity landscape, based on the observations and research of the company’s security experts. To prepare for the evolving threats that will arise in the coming year, organizations need to have a multilayered defense plan that includes mitigation measures such as implementing a zero trust strategy, investing in user education for employees, increasing transparency with a comprehensive security platform, performing stress tests to uncover weaknesses in IT infrastructure, and taking inventory of cloud services to reduce cloud bloat.
The challenges of cloud migration, remote working, and software development will test the resilience and readiness of security teams in 2023. To navigate the uncertainties in the security landscape, defenders need a set of protections that can assess and minimize the risk of compromise on multiple layers. But more importantly, their organization’s defense strategy needs to be based on reliable insights into the threat life cycle in order to effectively defend against cyberthreats in 2023 and beyond.