The past few years saw rapid development and transition, from users adopting new kinds of contactless technology to enterprises and governments moving further and further into the cloud. Companies expand their digital footprint, and with it their attack surface, leaving cracks in security that cybercriminals eagerly search for and exploit. These criminals continue to become more methodical and professional, building effective and efficient business models to maximize their profits.
Critical events across the world will continue to affect the global economy in 2023. It will be a year of caution because of the uncertain political climate, erratic supply chains, inflation, and pressing trade concerns. These ambiguous conditions will compel everyone, including cybercriminals, to shelter in place and mainly rely on tried and tested methods. Cybercriminals will still be active and create new schemes, but many will stick to old tools and techniques. Security and protection from these motivated groups should be paramount for enterprises; however, corporate spending on cybersecurity tools will be limited by fiscal concerns.
In terms of the workforce, many office employees have become comfortable with remote work in a post-pandemic world. In fact, hybrid environments have not only become the norm, but the preferred situation for many employees. This environment, as well as new technologies being adopted, presents a unique and expanded attack surface.
Trend Micro’s 2023 Security Predictions looks at the whole security landscape as well as the pieces on the surface. Our forward-looking cybersecurity forecasts identify threats relevant to different kinds of people, from government organizations and security operations centers (SOCs) overseeing security for multinational companies, to ordinary technology users.
Scam artists existed before the internet, and they continue to grow with it. In 2023, social engineering threats will adapt to the new technologies being implemented by enterprises for hybrid workers; they will also target a population that increasingly makes financial purchases and investments online.
We predict that business email compromise (BEC) scams will develop, further harassing global enterprises with increasingly targeted schemes. For ordinary individuals, romance schemes will be a focus in 2023. Deepfakes will also be a bigger issue, after we saw underground forum users planning to use deepfakes to fool financial institutions in 2022. Social engineering is versatile, cheap, and available even to scammers with limited knowledge of technology.
Data will be the main target for cybercriminals in 2023 since it is a lucrative asset that can be used in many ways: ransom, identity theft, extortion, targeted advertising, and more. We see that there are critical data threats present in Windows and Linux machines, and we expect that breaches of databases will continue unabated. Ransomware will be one major vector for data theft — it is still a looming threat and continues to be adaptable to different types of criminal operations. Ransomware actors will be a continuous avenue for information theft and groups will blackmail enterprises by threatening to expose data breaches publicly.
Ransomware groups will adopt different operational models if they identify more lucrative targets. In 2023, we expect them to keep the same kill chain but replace the ransomware payload with one that will allow for further data extortion. We will also see new attacks like cloud-aware ransomware. Since more businesses are storing their critical data in the cloud, ransomware groups have no choice but to follow. Ransomware actors react to security strategies from law enforcement, governments, and private industry: cloud adoption, hardening networks, sanctions on cybercriminals, regulation of cryptocurrency, data breach legislation, and others.
Many employees are already used to the hybrid work model — a situation where some days they work from home and other days they work in the office. This involves work devices constantly moving between zones of security, from a secured office space to a shared home network. To combat the security issues that arise with this, enterprises will turn to zero trust models.
We expect that threat actors will further target home devices, knowing that home office equipment is connected to enterprise resources. There will be a gradual rise, followed by an explosion, of attackers that will pivot into home networks connected over VPN and try to move laterally into the enterprise from there. Using this method, attackers can compromise the network they are currently targeting and also line up several other compromised networks to follow up on later.
Some of the biggest shifts in the past three years have been the speedy migration to the cloud, adoption of newly created cloud technology, and the integration of these changes into the hybrid work environment. The biggest challenge for enterprises is inconsistency. There are certain policies and changes implemented in one cloud app that might be implemented completely differently in another.
This happens because the abilities, features, and cost structures are different for each cloud vendor. We expect that security issues will occur as a result of this inconsistent application since many chief information security officers (CISOs) are not yet familiar with the new technologies or do not have the bandwidth to oversee all cloud vendors. We also anticipate misconfigurations from the user side, and some issues from the developers as well. Cloud developers are becoming increasingly agile and may put security on the back burner as they progress with their development.
One new attack surface worth watching out for is cloud APIs on connected cars. A couple of factors will create security issues for these moving computer systems. Firstly, connected car applications are new and still being developed, so their capabilities against cybersecurity threats are unclear. Connected cars are also a system of systems, with multiple vendors providing multiple pieces, and security will be hard to guarantee for each of these vendors.
Mature companies will seize any economic slump that may come in 2023 as an opportunity to invest in new technology at minimal risk of disruption to their operations or budget. Specifically, we’ll see more organizations finally making the move to 5G networks and artificial intelligence (AI) integration, an important step on their path to the industrial internet of things (IIoT). But security blind spots will remain even while businesses are busy innovating, thanks in large part to the tech skills gap.
The operational technology and industrial control systems (OT/ICS) of industrial companies will be especially impacted by the lack of expert manpower needed to manage and secure entire networks of smart factories. This skills shortage will make it even more difficult for Industry 4.0 companies to stay up to date with an influx of additional regulations for OT/ICS systems that we expect to see in the coming year. We anticipate a demand among various industries for more vertical requirements in 2023, but companies will be expected to comply with government-mandated directives as well as follow new industry-wide standards.
Cybercriminals are more structured and professional than ever before, and their business models are built for global targets and lucrative financial goals. Their creative and widespread approaches mean that customers need equally creative and thorough protection. In the next year, new attack combinations will bypass simple point-based solutions. Customers need to detect cybercriminal actions on a global and comprehensive scale to be able to stay ahead of cyberthreats in 2023 and beyond.