The second half of 2022 has seen several high-profile data breaches. Attacks ranged far and wide, from major corporations like Optus and Medibank to smaller businesses, leaving CISOs and boards concerned. And it’s brought cybersecurity into the public eye on a new scale.
2023 will further present challenges with the tried and tested attacks set to continue, while we see some new tactics come into play. Preparedness and organisation-wide awareness about cybersecurity is going to be more important than ever, as we will most likely see brands that have already been hit in 2022 become the target of further attacks in 2023.
What can be expected of the industry in 2023?
Social media and instant messaging will also become the new hunting ground for bad actors with impersonation attacks targeting new staff members set to peak – particularly as people change jobs early in the year. Here are the cybersecurity predictions for 2023:
History will repeat
High-profile data breaches will continue to hit the headlines with many victims from 2022 making it back into the news in 2023. We have seen firms being attacked by relatively unsophisticated initial methods this year. This is due to the lack of risk appreciation or cyber skills at board and executive level leading to a lack of appropriate investment in tools.
So, we will most likely see firms that have been hit, go through second breaches. It takes time to build and increase a security posture, whereas attackers can go after a firm again quickly. Could we see the first bankruptcy happen due to a cyberattack? Time will tell.
The evolution of phishing
Phishing attacks will continue to iterate as these are low cost with a high return on investment for cyber criminals, especially initial access brokers. However, they will move further away from targeting traditional email communications and evolve more onto social media and instant messaging platforms that are out of scope for most security tools.
We haven’t hit ‘peak phishing’ yet and are seeing an escalation in target value. This was predicted years ago, but we are yet to see what it means when a truly high-impact attack happens. I suspect energy, healthcare and financial institutions will be hit in the coming years.
New starters beware
Our research suggests that a phishing email impersonating a colleague has the highest chance of success, so impersonation attacks targeting new employees will likely grow.
As new appointments make a splash on LinkedIn, they will become susceptible to fake welcome emails from “senior executives” or fake company onboarding portals.
These will be used for credential harvesting, account takeover or even multistage malware droppers in some cases. New starters need to be made aware of these risks as part of their onboarding, to avoid personal and business information falling into the wrong hands.
A familiar voice?
Just when you thought it was safe to have someone call you to verify that their email is legitimate, threat actors will take social engineering to the next level. As artificial intelligence (AI) voice cloning technology becomes more powerful and readily available across the globe, we will now see an increase in impersonation attacks that utilise audio deepfakes. These will be used in combination with compromised email and collaboration accounts.
Global response to cyberattacks
Cyberattacks become more visible and the impact to end users better understood, the political responses from various countries will further increase. We have seen some of the fallout from the Medibank data breach with the recalling of Russian diplomats once Russia was attributed to the attack. As the impact of cyberattacks becomes more visible, we’ll also see politicians ride that wave for support and take a harder line on cybersecurity.
Garrett O’Hara, Field Chief Technologist in Asia Pacific for Mimecast. He is a seasoned leader of technical sales teams in the Asia Pacific region with experience of growing new-to-country businesses.