This post is part of our 2023 cybersecurity prediction series.
Attacks will be harder to catch.
During this last year we saw the threat group Lapsus$ appear in headlines, using a unique range of scrappy tactics to compromise organizations and exfiltrate valuable data with a rapid smash-and-grab approach. This should be a wake-up call for defenders and security leaders: time has run out on the previous luxury of building strategies around tidy linear attack chains with numerous events to detect, known indicators, and predictable adversarial techniques. Now is the time to prepare for this new wave of potential threats that will surely come in 2023 and the years to follow.
Supply chain attacks will increase as adversaries compromise partner and supplier ecosystems.
The world’s top organizations often have the best security in place, but the same may not be true for their suppliers and partners, which have third-party access to supporting networks, systems, and information. We saw this in the recent compromise of Okta by the rogue hacker group Lapsus$, and in REvil threatening Apple via Quanta Computer, a top manufacturer of Apple products. These groups and many others used supply chain attacks to reach sensitive upstream information through supplier access, without ever having to breach the hardened security measures of their final targets.
Organizations will need to beef up security beyond endpoint protection.
Ransomware groups will increase their use of tactics that bypass antivirus and other endpoint security controls. Organizations will have an even greater need for defense-in-depth rather than relying solely on endpoint security to prevent and detect intrusions.
Securing and reducing power consumption will become more of a priority for all businesses.
A shortage of gas and electricity will focus companies on reducing their power consumption and cost. On the producer side, we will also see a huge push to secure new renewable infrastructure such as solar and wind. Organizations will strive to reduce their energy use and will look for cost-effective mechanisms to inform them about consumption, with IoT monitoring providing a means. Energy reduction will be an important part of ESG objectives, which will have a high priority not just for investors but also for brand reputation as companies strive to establish their progress towards carbon neutrality.
Encrypted data exfiltration for extortion will surge.
As more ransomware adversaries adopt multi-extortion tactics to make victims pay, you can expect to see rising incidents of sensitive data theft. To bypass firewalls and other legacy security technology, adversaries encrypt data troves before transferring them out of the target’s environment.
Cybercriminal interest in Ransomware-as-a-Service marketplaces will result in more attacks over encrypted channels.
Criminals can now simply pay for powerful malware and attack resources, allowing them to wage sophisticated attacks regardless of their own technical prowess. As the as-a-service model gains further popularity, more and more attacks will include evasive tactics, including encryption.