By Ina Opperman, Business Journalist


Nine cybersecurity predictions for 2023 that’ll keep business owners up at night

The pandemic did not slow cyber-attacks, but increased them. Are we winning the fight or do we need more cybersecurity?


Cybersecurity predictions for 2023 are enough to give business owners and shareholders sleepless nights.

Experts are warning about a range of challenges next year, including increased cloud credential attacks, deepfakes, a fifth generation of ransomware, refocused regulation, cyber-attacks across linked devices and burnout among the specialists who work to contain these attacks.

“Ransomware continued to reign supreme and became one of the most common and dangerous threats facing healthcare organisations and software supply chains, while the war in Ukraine created heightened concern over zero-day threats wreaking havoc for organisations worldwide,” Greg Day, VP & EMEA Field CISO at Cybereason, says.

Conti, the cyber gang with Russian ties, also managed to disrupt financial operations throughout Costa Rica, and it seems there is no end in sight for the hacking group Lapsus$, which has proven itself to be a formidable threat actor, he says. Day makes the following nine predictions for cybersecurity in 2023:

1. Increased cloud credential attacks

The big shift to SaaS fragmented more than a decade’s worth of work to simplify and consolidate corporate identity and access management (IAM) systems. In addition, Day says, many new SaaS applications cannot be integrated with organisations’ existing single sign-on (SSO) solutions, yet organisations continue to accelerate adoption of new SaaS software, even without the security controls of SSO.

“Consequently, adversaries will increasingly focus on finding these weaker access points (new SaaS applications) to gain access to corporate and personal data, unless IT and security departments manage to get IAM back under control.”

2. Deepfakes

Deepfakes play a larger role in blended attacks. “In recent years, we saw the increased success of blended attacks that, for example, combine social engineering tactics with malicious links. With end users becoming more aware of social engineering, we can expect more sophisticated attackers will increasingly turn to deepfakes to trick end-users into clicking on malicious links and downloading infecting files.”

Day says it will not be long before deepfakes become yet another common and core element of the blended attacks used in the cybercrime kill chain.

3. Fifth generation of ransomware

The fifth generation of ransomware will emerge in 2023. A recent report by Cybereason found that 73% of organisations suffered at least one ransomware attack in 2022, compared to just 55% in 2021.

“As the world reaches saturation of ransomware, adversaries will explore new methods to get money from the same victims in the fifth generation of ransomware.”

4. Refocused regulation

Lawmakers refocusing regulation will be another challenge, as regulation comes with a long list of pros, cons and everything in between, as we learned in the most recent report from the Cyber Defenders Council, Day says.

“In the coming year, regulation in the EU will have more of an emphasis on ensuring businesses truly identified and remediated breaches. This regulatory focus will close the gap between shutting the attack door in the immediate aftermath of an incident and understanding the attack’s impact. In the US, regulatory bodies such as the SEC take a different approach that focuses on enhancing cyber risk reporting and board-level governance.”

5. Ransomware in the cloud

Ransomware will test cloud storage access controls, Day says.

“Cloud storage can give organisations a significant data protection advantage, along with more flexible recovery options, but as ransomware moves from the endpoint to target cloud-only spaces, it creates new risks for organisations, especially those that accelerated cloud adoption during the pandemic and lost sight of where sensitive data lives and who has access to it. This creates weaker credential management, leaving room for ransomware to infiltrate.”

6. Cyber-attacks will jump between devices

Cyber-attacks will become transferable between smart devices.

“The typical cyber-attack moves from hacker to device, but 2023 may bring the first cyber-attack that jumps between smart devices, including smart cars. We have not seen the in-smart environment replication just yet, but with the pace of innovation, a smart car attack could be riding shotgun to the vehicle next to you.”

7. Significant attack on critical national infrastructure

The risk of a significant attack on critical national infrastructure will also increase, says Day.

“As both direct and indirect cyber warfare domains grow, so too does the potential for a substantial cyber-attack, most likely in an area such as the energy space. I see this risk most presently in Europe, the Middle East and Africa, but it is certainly top of mind among cybersecurity and national defence experts globally.”

8. Burnout will plague security team members

Burnout will impact cyber resilience as security teams around the world work long hours from home, adapting their organisation’s security posture to support all the shifts in key business systems.

“In an industry that still faces a massive skills shortage, we should not be surprised if burnout impacts security teams’ ability to maintain the round-the-clock coverage required to respond to a crisis in a timely fashion.”

9. New strategies for supply chain threats

Security leaders will have to develop new strategies for supply chain threats. Day says the standard due diligence and security assessments that CSOs performed on third parties are no longer adequate given the escalating frequency and impact of supply chain attacks.

“Regulations, such as the EU NIS Directive 2.0, and cyber insurance providers are forcing companies to conduct more frequent and dynamic assessments of their supply chain risk and improve control of third-party access to their networks.”
