Geopolitical threats, supply chain issues and phishing scams -- cybersecurity predictions for 2023
The cybersecurity world never stands still, with threats and the technology to combat them constantly evolving.
That makes predicting what might happen difficult, but we can still extrapolate current trends to get an indication of where things might be headed. Here are some expert predictions for cybersecurity in 2023.
Ilkka Turunen, Field CTO at Sonatype, thinks open source software will remain an attractive target for attackers. "Open source is a great success story for the tech industry, but on the flipside, software supply chain attacks have increased an average of 742 percent yearly since 2019, and there's no reason to believe next year will be different. Open source software is an attractive target for bad actors -- it's widespread and easy to publish to. Much in the same way you can't just insulate a building with just any materials, 2023 will be the year organisations realise they must take a less gung-ho mentality to the components they include in software."
This view is echoed by Marc Woolward, CTO and CISO of vArmour. "In 2023, one of my top priorities is addressing cybersecurity and operational risk in the software supply chain, especially as regulators continue to enact guidance about protecting critical business functions and confidential data in this area. From PyPI to Lapsus$, attackers are taking full advantage of the vulnerabilities in third-party applications, and the fact that businesses can't stop them. I'm focused on helping my customers understand their IT supply chain from the inside-out -- whether it's their applications, their data flows, their code or their people -- and put dynamic policies in place to control it. It’s only through that inside-out view of the supply chain (via observability technology and a Software Bill of Materials) that we can fully assess enterprise risk and the context surrounding it, choose what security strategies to prioritize, and then close the everyday vulnerabilities in enterprise software that attacks so easily take advantage of."
Brian Behlendorf, general manager of OpenSSF, believes industry and governments must be alert in 2023 to protect critical infrastructure against cyberattacks:
"Critical infrastructure is at risk. There's a very real possibility that 2023 could be the year cyber attacks threaten our trains, national grids, nuclear power plants, and even our cars (many of which today have over 100 computers). No one has ever been right betting that cyber attacks will slow down. For that reason, we should expect ransomware and theft of digital assets to ramp up in 2023.
"An immense amount of effort is already being poured into staving off cyber threats from foreign nation-state actors, but it’s not enough. The US and especially Europe will need to invest more in better software supply chain management and cybersecurity for critical infrastructure. Open source software cannot be ignored in this equation. It’s the bridges and highways of the software supply chain, making up 75-90 percent of all code base. Like every road and bridge, it needs to be maintained with care, or else we will keep running into car crashes like the SolarWinds and Log4Shell incidents."
Immanuel Chavoya, threat detection and response strategist at SonicWall, also believes we'll see more geopolitically-motivated attacks. "When it comes to protecting against threats of geopolitically motivated attacks, the present call to action is to be proactive, rather than reactive, to an assault. Attacks such as targeted malware or vulnerability exploitation could be used to inflict chaos on critical infrastructure such as healthcare, electric utilities, financial institutions, and oil and gas. These attacks tie up resources, cause financial damage, and send a signal. In 2023, organizations and governments will need to be prepared by ensuring that they don't have any issues that could become low-hanging fruit for attacks and closely monitor their network activity for quick identification of and reaction to any attack."
The economic downturn will drive more sophisticated cybercrime, says John Stock, product manager at Outpost24. "The current economic climate means individuals and businesses are tightening their purse strings and may not be in a position to withstand the financial impacts of cybercrime. Unfortunately, at the same time, cybercriminals will be looking for new ways to make a quick buck, fueling a growth in online fraud from the most basic scams to highly sophisticated ransomware extortion. As fraud becomes more mainstream and consumer-focused in 2023, businesses and individuals alike will need to keep an eye out for evolving scams and educate themselves on the latest tactics as cybercriminals look for even more elaborate ways to carry out their attacks."
Rick Vanover, senior director of product strategy at Veeam, says AI will have a role to play in combating attacks. "Ransomware, phishing attacks, and data breaches have become all too familiar among organizations, and while these attacks are not new concerns, they have and will consistently take their toll on industries. What's more, bad actors show no sign of stopping. To combat these ongoing and evolving attacks, AI and machine learning will be beneficial and organizations look towards these tools as we approach another hyperactive cyberthreat landscape in 2023. When implemented, AI can protect individual projects and core ecosystem services, while identifying deployed open-source programs and applying an automated security analysis."
Alberto Yepez, co-founder and managing director of Forgepoint Capital, thinks businesses will increasingly turn to third-party providers to fend off threats:
"In 2022, the cybersecurity landscape grew increasingly more complex, resulting in frequent and harmful activity from threat actors. Yet, market conditions limited ways to combat these threats as CISOs and other security decision-makers have been traditionally pressured to do more with less. Out of these challenges emerged a serious need for organizations to shore up their defenses in a holistic yet affordable way. Cue: Managed Service Providers (MSPs) and Modern Managed Security Services Providers (MSSPs).
"With the opportunity to fill specific pain points within small and medium businesses (SMBs), MSPs and MSSPs have delivered unparalleled strength for organizations -- providing both the financial ease of working with one vendor as well as the security strength to sharpen defenses. With the current market penetration being around 30 percent, the shift to a broader uptake of MSPs and MSSPs will only increase in the new year as organizations look to solve the issues created by large security stacks. Providers that offer both preventative and reactionary security tools, along with partnerships with cyber insurance and remediation experts, will have the edge."
Mark Lee, the CEO of Splashtop, believes the increase in home working will lead to more phishing scams. "With more targets staying home in the coming year, we will see an increase in remote access scams: phishing campaigns that impersonate popular companies like subscription services, then trick people into installing remote access tools that enable attackers to deploy malware. As with all phishing campaigns, companies will need to take proactive steps to mitigate this threat, including regular employee training, encrypting critical data, and ensuring strict compliance to security patches and updates across their extended enterprise."
Ryan Kovar, distinguished security strategist and leader of Splunk's SURGe research team, thinks we'll see cybercriminals moving away from cryptocurrency. "Ransomware gangs are going to move away from cryptocurrency, less because of financial instability, though that’s a factor, and more due to the traceability. Ultimately, crypto is not really anonymous, but if you're a criminal who lives in a country that supports, sponsors or doesn’t care about cybercrime, then you're probably not getting prosecuted easily unless you really tick people off."