Will the threat scenario change in 2023?

We can’t deny that the world is becoming increasingly digital. With that, we’re seeing cyberattacks growing unprecedentedly over the past few years, costing organizations about $2.9 million every minute, not to mention personal losses. However, it is still security/report-average-time-to-detect-and-contain-a-breach-is-287-days/" target="_blank" rel="noopener">very slow for companies to identify and contain the intrusions – on average, 212 days for identification and 75 days for containment, according to IBM. Will this scenario of chaos and damage change in 2023? It seems not, says a report from Experian in its 10th edition, after analysing a decade of cyber threats.

This situation is likely to persist because threats are emerging at such a rapid pace that resources and manpower cannot keep up. The attack surface is growing exponentially because of the endless number of devices accessing networks and the Internet, opening more doors for malicious activity. To get an idea, Cisco predicts that there will be three times more networked devices/connections than people on Earth by 2023. Imagine, then, the vulnerabilities they can carry.

In addition, cyber-attacks are becoming an ongoing, multistep process. After hacking into organizations’ networks, hackers sneak in data to avoid raising suspicion and infiltrate as small moves to capture more valuable assets, such as intellectual property, in an action that can go on for days or even months.

Another trend that could contribute to the advancement of threats in 2023 and beyond is the metaverse. No wonder Experian’s study calls it a new playground for hackers. Attractive to many – Gartner predicts that 25% of the population will spend at least an hour a day in the metaverse by 2026 – this new environment can also be a source of associated security and privacy concerns. Hackers already well-versed in other ecosystems will surely find ways to exploit vulnerabilities in the metaverse to launch phishing scams and more sophisticated malware attacks.

NFTs (Non-Fungible Tokens), the backbone of the economy in the metaverse, will also pose a risk. Cybercriminals could sell fake NFTs or gain access to users’ data and funds through phishing scams. More than $100 million worth of NFTs was already stolen in 2021. In the coming years, these figures will likely increase.

Furthermore, by encouraging the use of Virtual Reality and Augmented Reality devices that collect large volumes of data on users’ movements, habits and preferences, we may also see the leakage of information from the metaverse grow.

And these risks associated with the metaverse are not new. As early as 2021, metaverse companies faced 80% more bot attacks and 40% more human attacks than other business classes.

Artificial Intelligence may also favour cybercrime, so 2023 will likely increase AI-driven cyber attacks. For example, AI tools are helping to create phishing emails that look more trustworthy and audio and video files that are closer to trusted equivalents. And that seems to be just the tip of the iceberg regarding artificial intelligence targeting cyber-attacks. AI can be applied to allow malware to move more easily across networks, and probing systems without easily revealing itself. It can also learn how to target specific endpoints rather than having to scour a longer list, relying on a self-destruct mechanism to avoid detection. According to Darktrace, context is one of the most valuable elements AI can add to the arsenal of cyber attackers.

In the case of cybersecurity, the sky is not the limit. Threats to satellites is also a reality we must prepare for in 2023. With the growing constellation of privately owned Low Earth Orbiting (LEO) satellites, these communications devices will be a hotbed for any hacker with a little more experience. If not sufficiently defended, malicious actors could hack into an entire fleet of satellites and access the data transmitted to and from the satellites. They could also jam signals and disrupt business operations globally. There are currently 4,500 more active satellites and many thousands more planned to be put into orbit, i.e. an attack surface that is now space.

Deepfakes, images or videos in which one person is replaced by another so that the exchange is almost unrecognisable, are another class of threat that is expected to escalate. Used as another type of social engineering-based attack, the technique can help malicious agents manipulate identities and send fake messages not only in text but also in audio, impersonating another person. Attacks using deepfakes are increasing rapidly – 66% of respondents in a recent survey have witnessed such actions in the past 12 months, showing a 13% increase over 2021.

2023 should also continue to witness the growth in the use of digital technologies as a tool of warfare. For the first time, the cyber battle may prove as important as the field. Among reports of cyber attacks was that a satellite company had its operations affected. The tactics even affected civilians, with reports of fake text messages. So, cybercriminal recruitment is likely to intensify. On the opposite side, the countries’ Armed Forces should react in equal or greater proportion. The United States intends to double its contingent of cyber forces by the end of the decade. In addition, the Cyber Infrastructure and Security Agency (CISA) has issued a warning about expected attacks in 2023 and how to protect against potential attacks.

With all this in view, Experian recommends moving away from insufficient prevention-only approaches and shifting in the direction of recovery (of operations and reputation) and cyber resilience to better cope with the wave of attacks ahead in 2023 and beyond.

Digitalization will continue to create responsibilities for IT professionals: whether on the factory floor, in hospitals, power supplies or data centres, previously analogue devices and systems that were isolated from the IT world now integrate IoT infrastructures, generating data, consequently extending attack surfaces. To ensure efficient operation, it will be crucial to always be aware of technical equipment, operational facilities and security in order to minimize downtime.

In that vein, 2023 will bring a renewed focus on improving security in the IoT environment. Due to the significant increase in data breaches, ransomware attacks, and other cyberattacks, companies worldwide are increasing their attention to further strengthening their cybersecurity initiatives and strategies. However, one noticeable gap is the Internet of Things (IoT) security gap.

Monitoring will remain a vital part of every security strategy, ensuring that all classic security tools, such as firewalls, unusual detection systems or privileged access management (PAM) tools work perfectly. But especially in the IoT world, monitoring will have another important task: suitable monitoring solutions can ensure physical security by integrating door locking systems, security cameras, smoke detectors or temperature sensors into central monitoring.

Given this scenario, there will be high demand for solutions that give organizations a unified view of multiple IT infrastructures, providing benefits such as end-user insight into network performance, troubleshooting, simplifying the transition to the cloud and reducing bandwidth requirements, says Paessler.