Recent global events such as the pandemic, a war and changes to workplace practices have seen a rise in the number and type of ransomware attacks, particularly different forms of phishing. The number of enterprise security breaches and critical infrastructure attacks also spiked, driven by expanding threat vectors. Looking to 2023, BlackBerry is sharing some key trends for Australia and New Zealand to take heed of, based on insights and local research.
What are BlackBerry’s 2023 cyber security predictions?
As cybercriminals and nation-states team up, attacks will increase in scale, severity and type to take advantage of outdated security architectures, the human skills gap and software supply chain vulnerabilities. Firms undergoing digital transformation, particularly in healthcare, will be the most at risk unless they can combine cybersecurity upskilling and outsourcing with behavioural analytics and AI to improve visibility, prevention, and response to cyber threats.
Some of BlackBerry’s 2023 predictions include:
Evasion tactics to evolve as cyber and ransomware attacks spike
Cyber criminals will be relentless in carrying out more sophisticated and targeted attacks in the year ahead. To maximise harm to government and society, and cause more financial impact on the private sector, new tactics, techniques, and procedures (TTPs) will evolve to try and stay one step ahead of vendors, ‘tricking’ both humans and technology.
Organisations should look first at their software stack – evasion tactics are on the rise. HEAT attacks (Highly Evasive Adaptive Threats) can even turn cybersecurity technology on itself with clever bypass techniques. One recent example tricked certain software into purposely wiping data, instead of protecting it. The use of tactics such as Whispergate and Hermetic Wiper escalated during the Ukraine war, and we will see further impact to businesses in 2023.
Ransomware attacks will continue to be one of the biggest risks to companies, especially those using profitable double extortion tactics. Not only does this result in financial loss, but also reputational damage and other direct and indirect losses related to the breach.
Business email compromise (BEC) is another explosive threat. By exploiting ‘inbox trust’, cybercriminals can hack, spoof or impersonate a business email address that appears to be genuine. Victims are lured into clicking on a link, opening an attachment, sending an email or transferring money to an account with a fake invoice. In Australia, one of the countless examples in 2022 included tricking home buyers with fake real estate emails.
In some cases, people lost their home deposit during settlement, prompting warnings from the Government. In 2023, businesses will need to consider more defined risk mitigation strategies, combining employee education with technology tools to stop BEC attacks at multiple levels, including human error, data and network layers. While evasion tactics, ransomware and BEC will continue to make headlines, so will blatant extortion.
The high-profile attacks on Medibank and Optus were not ransomware, but nation-state criminals stealing credentials or using open APIs to steal personal data for financial gain. Regardless of the extremely questionable motivations of such threat actors, unless Australia is adequately protected, we are fair game – and this kind of trend is set to continue.
Increased attacks on hospitals and health care organisations
As the health care sector continues to undergo a digital transformation, lucrative patient data, employee data-sharing practices and often inadequate security will make it a top target in 2023, especially for threat actors continually trying to extort ransom demands.
BlackBerry research reveals those surveyed in the healthcare sector are least likely to agree they have an incident management process to handle threats. Over a third say they lack the security teams and tools to be effective, half say they have the capacity to handle the number of alerts they receive, and less than half say they have the knowledge, tools, and necessary visibility to detect and respond to zero-day and advanced threats.
Years to Quantum (Y2Q)
Quantum computing (QC) will challenge cryptography, changing the way we keep data secure. When quantum computers develop to the point they can break encryption keys – it could allow access to transportation systems, hospitals, critical infrastructure – even banks.
Y2Q is a sinister problem as threat actors can plant dormant malware while QC is still in development, with the intention to mobilise malware or decrypt information in the future. The implications for Y2Q are drawing close, with predictions ranging from 2024 to 2032.
If Australia is to be ‘the most cyber-secure country 2030’, as quoted by Minister for Home Affairs and Cyber Security Claire O’Neil, the challenge of a quantum-resistant nation should be at the top of the priority list for government and industry in terms of regulatory frameworks, future-proofing embedded systems and the supply chain. To achieve this, firming up collaboration between the public and private sector is critical in 2023, at home and globally.
The cybersecurity skills gap will widen
There are millions of open cybersecurity positions around the world, and not enough experts in the market to manage the growing scale of cyber risks. Not only is there a gap in skills and gender – but a particular lack of professionals with strong backgrounds in AI and ML.
Without skilled security teams, organisations are at risk. Closing the gaps will require a strong focus on educating and encouraging people to pursue cybersecurity roles. Outsourcing will also help plug gaps in security expertise, particularly for small businesses.
However, hiring more people and improving skills won’t address the scale of the problem. In 2023, we will continue to see intelligent, predictive AI combined with external, 24/7 security experts being increasingly sought by firms of all sizes. Their goal is to narrow the gap more affordably – minimising alert fatigue, reducing costly hires and training, while preventing threats before they execute so lean IT security teams can focus on other priorities.
Supply chain attacks will wreak havoc
Software supply chain attacks are among the most destructive strategies used by cybercriminals today. New BlackBerry research found that 4 in 5 IT decision makers have been notified of an attack or vulnerability in their supply chain in the last 12 months.
It also revealed in the last year, that 80% of firms in Australia were notified of a vulnerability within their software supply chain. Compared to the global average, Australia suffered the highest rates of operational compromise and data loss. It proves cybersecurity must go far beyond vendor trust. To best prepare for 2023, organisations should consider meaningful and timely contextual threat intelligence to stay up to date with the most recent threat models.
Going into 2023, it is also important for organisations to prioritise defensible security architectures based on zero trust strategies and establish regular audit programs to identify potential vulnerabilities and weak points in supply chain processes and systems.