2023 is a year where the cybersecurity threat landscape could be categorized as in a state of ‘in-between’: no longer are enterprises scrambling to find their footing amid the disruption caused by COVID-19, but amid the ‘new normal’, the world has yet to arrive on the other side of the pandemic. The resulting mass transition of company assets to digital environments has led to increasingly complicated and layered digital environments that will provide the ideal playground for cybersecurity adversaries looking to prey on any lack of visibility.
In a bid to raise awareness on the digital attack surface for the coming year, Trend Micro shares the trends and predictions that could equip the C-suite and every kind of cybersecurity professional in gearing up for a year of defending digital environments across different types of organizations.
Shapeshifting ransomware business models will become a bigger avenue for data theft and blackmail
The ransomware arena is set to undergo major upheavals in 2023, with malicious actors seemingly beset on all sides: international law enforcement has been cracking down on ransomware activity with the promise of cybercrime-related sanctions. On top of these decisive blows to their notoriety, Trend Micro foresees that the double extortion tactics that were widely adopted among ransomware circles will no longer be the devastating one-two punch they once were, as defenders will continue to build resilience to ransomware attacks.
However, ransomware actors may adapt by turning their attention to the cloud. With more companies migrating their assets and critical data to the cloud, and Gartner projecting that worldwide spending on public cloud services will reach up to US$592 billion in the coming year, the criminal element will have little recourse but to follow cloud adopters if ransomware operations are to stay relevant and profitable.
Inconsistent application of cloud technology will hurt enterprises as adoption of new tools increases
Enterprises adopted cloud technology quickly within the past three years, migrating assets and operations to facilitate work-from-home solutions as well as contactless technology. This momentum is only set to continue in 2023; in fact, Forrester projects cloud adoption to continue at an unprecedented pace in the financial and regulated sectors. In light of these changes, the main security issues that businesses should be concerned with arise from the inconsistency of implementation and misconfiguration of cloud technology.
One new attack surface worth watching out for is cloud application programming interfaces (APIs) on connected cars. Most new car models have built-in embedded-SIMs (eSIMs) that are used to transmit telematics data, communicate with back-end cloud servers, and create Wi-Fi hotspots, among other functions. Cars have become powerful and complicated computer systems and should be secured with the same care as enterprise systems.
The enterprise perimeter will expand into the home as users become more comfortable in a hybrid work environment
While hybrid work arrangements were not unheard-of prior to the COVID-19 pandemic, gone are the days when a company’s security posture was limited to on-premises networks, with more organizations embracing flexible work models that will be the norm by 2024.
But security gaps are bound to arise from a remote workforce whose devices are constantly moving back and forth between corporate networks and their own home networks. In the year ahead, Trend Micro expects imaginative cybercriminals to take full advantage of hybrid work setups that are on course to become the status quo, either with a surge of attacks involving network-based worms or by targeting at-home connections linked to virtual private networks (VPNs) as a means of lateral movement.
Moving forward, enterprises can accommodate the needs of both their in-office and at-home employees with a zero trust approach. Having a zero trust environment in place, where the identities of all devices, users, and apps are assumed to be vulnerable and must be explicitly verified (and even then are granted only least-privilege access), cuts down the likelihood of bad actors establishing a foothold in a network.
Social engineering is an evergreen threat that will continue to reach across industry lines and user bases as attackers adopt new technology like deepfakes
Attackers can always count on human fallibility as the one constant amid economies and technologies in flux. It’s why social engineering-based attacks will never go out of style — Trend Micro foresees the arrival of souped-up versions of tried-and-tested tactics in 2023, specifically, a rise in more complex romance scams. Online fraudsters will continue to be on the prowl for lonely hearts who can fall for a new spin on the classic honey trap, which involves malicious actors using fake user profiles to lure potential victims into a romantic relationship and trick them out of their money.
Another area where scammers will retrofit age-old techniques with modern toolboxes is in business email compromise (BEC), wherein attackers impersonate high-ranking executives over email to defraud a company. This kind of scam will continue to plague enterprises in 2023: the market for BEC is expected to increase at an annual compound rate of 19.4%, and although the use of open-source email security software will have a hand in impeding that growth, BEC remains a lucrative criminal venture: losses resulting from BEC attacks will amount to around US$2.8 billion by 2027.
Deepfakes will also have a wide range of use cases for cybercriminals in 2023, enabling them to impersonate victims in order to trick banking establishments and cryptocurrency services, or even to create user accounts for identity theft.
The hype surrounding digital novelties like NFTs and the Metaverse will keep waning, but the blockchain technology on which they’re built is going to be where the real action is
Though the buzz surrounding digital currencies has also taken a hit thanks to an abundance of scammers seeking to infiltrate users’ crypto-wallets and steal their mnemonic seed phrases, the internet at large won’t completely write these off because they will remain useful for users and attackers alike. Cryptocurrencies like Monero, equipped with privacy features that give attackers more freedom to operate with anonymity, will still be widely used by malicious actors for fund transfers. But considering the volatility of digital currencies, Trend Micro foresees people cashing out to a fiat currency quickly instead of storing funds in their wallets to get ahead of drastic market drops. This change in user behavior will, in turn, motivate malicious actors to carry out more money laundering schemes.
Trend Micro also predicts that cryptocurrency-related attacks will keep coming out of countries where attackers have developed a specialty for targeting digital assets. In 2022 alone, specific hacker groups have been eyed as suspects in high-profile heists such as the one involving the online game Axie Infinity, whose users can earn cryptocurrency while playing.
Attackers will further capitalize on vulnerabilities and intrude through overlooked attack surfaces like open-source software
Malicious actors in 2023 will be banking on busy companies neglecting to review and replace outdated protocols in their networks — a dangerous oversight that could open the door for cyberattacks.
Overlooked parts of device security, like router use, will also invite unwanted attention from cybercriminals: Attackers that want to go under the radar will likely take advantage of an organization’s lack of visibility over devices connected to their corporate networks, especially if these organizations have been negligent in updating the firmware or maintaining activity logs.
Industrial entities will top off their tech stack, but must contend with staff shortages and new regulations
It may be tempting to play it safe in the face of a possible recession, but opportunity costs are lower in times of crisis, freeing up budgets for digital transformation without hurting the bottom line. In the lead-up to economic slowdowns that may come in 2023, mature companies will invest in advanced technology such as 5G connectivity, which will open up new use cases and market opportunities for enterprises along their industrial internet of things (IIoT) journey.
Similarly, we anticipate more original equipment manufacturers (OEM) gradually coming out with offerings and solutions that incorporate artificial intelligence (AI). For companies looking to digitize their plants, AI-powered tools also promise to be a force multiplier of efficiency, enabling them to better predict customers’ purchasing behaviors and automate complex tasks for the human operators overseeing their industrial assets. As manufacturers turn to IT to gain a competitive advantage, malicious actors will also capitalize on this emerging technology to ramp up their attacks in terms of automation and probing, making offensive AI a looming threat that should be on manufacturers’ radars in the years to come.
The increased integration of IT and OT brought about by these transformative technologies will prove a double-edged sword for industrial companies, especially those that keep security strategies for their IT and OT infrastructures separate: while this convergence enables them to monitor their operations more closely, it will also expose organizations to unforeseen threats. In 2023, we foresee an upward trend in IT-based cyberattacks inadvertently affecting OT systems that are connected to IT networks – and worse, revealing OT systems as an underutilized attack vector through which malicious actors can move laterally between OT and IT environments.
Enterprises will veer away from the point-solution approach to cybersecurity
In 2023, a slew of enterprises will see the writing on the wall and make the long-overdue shift to more holistic cybersecurity strategies. While many continue to rely on a repertoire of heterogeneous, often siloed, point solutions that are designed to address threat issues piecemeal, these disparate tools no longer measure up to the increasingly sophisticated cyberthreats that enterprises must contend with, especially in the cloud-native age.
In response to this, demand for a unified cybersecurity platform is bound to gain traction among organizations whose needs now call for expanded visibility over their increasing assets that are spread across various environments, networks, and operating systems. Companies will need to be in a position to detect malicious activity on their systems on a larger scale if they are to fend off attacks from malicious actors that are shaping up to be even more methodical and professional: a platform-based approach integrates a cybersecurity vendor’s own offerings with third-party tools, which not only streamlines the user experience but provides defenders with enterprise-wide visibility and telemetry across their growing IT infrastructure that they will need to map out their attack surface.
Looking Ahead to 2023
Trend Micro’s predictions for 2023 lay out the trends and risks that will take shape in the cybersecurity landscape, based on the observations and extensive research of the firm’s security experts. Getting ahead of the evolving threats that will crop up in the coming year calls for organizations to have a multilayered defense plan, bolstered by mitigation measures such as securing environments and systems with a zero trust strategy, investing in user education for employees, increasing transparency using a comprehensive security platform, unearthing weaknesses in IT infrastructure with a stress test, and taking inventory of cloud services to cut down on cloud bloat.
The stark realities of cloud migration, remote working, and software development are sure to test the resilience and readiness of security teams come 2023. To navigate uncertainties that lie ahead in the security landscape, defenders will need a suite of protections capable of assessing and minimizing the risk of compromise on multiple layers. But more importantly, their organization’s defense strategy needs to be built on reliable insights into what drives the threat life cycle if they are to come out on top of the cyberthreats arriving in 2023 and beyond.