Cybersecurity analysts/strategists usually have a good yearly overview of cyber trends. Here are eight to ponder over
As we approach the middle of January, here is another set of predictions for the year, from VMWare strategists.
Kicking off the firm’s most thorough outlook forecast is Principal Cyber Security Strategist Rick McElroy. His top prediction is that the Healthcare industry will continue to be top targets for cybercriminals this year, with ransomware and deepfake attacks exploiting the rise of telemedicine.
Also, healthcare has become increasingly politicized, so Dark Web activity and ransom demands will continue to rise as data becomes a goldmine for attackers. The latter groups will aim to use this data in a way that is harmful to both the organization and the patients at hand. Adversaries know that if they want to inflict pain on an organization, targeting a hospital is the best route for destruction.
McElroy’s other predictions include:
Top target #2: Education
Last year, more than 1,000 schools in the United States fell victim to ransomware attacks. In 2023, state and private institutions will continue to face the same challenges as there are a handful of security gaps most education institutions face: a lack of cybersecurity awareness and training; limited funding and resources.
Adversaries know schools only have a short window to update processes and get in front of risks (during the summer closures), making it harder to keep pace with updated security technologies and easier for cybercriminal groups to gain access to these networks and wreak havoc.
CISOs will continue to be in the business spotlight
The added legal pressure some CISOs now feel following high-profile security leader convictions and whistleblower complaints of 2022 is added weight to an already stressful job.
CISOs are tirelessly fighting for larger budgets in order to ensure that security becomes or remains a board-level issue and an organization-wide responsibility. This includes having open conversations with CEOs and CFOs about where and how funds will be used, and about the value of improved defenses to the organization as a whole.
In the year ahead, the CISO role will become more challenging and face more scrutiny.
A tussle of metaverse doubts and hopes
The metaverse has a relatively unknown future, but certain enterprises are still rushing it to market faster than the security community is comfortable with.
Already, we are seeing instances of identity theft and deepfake attacks in the current version of our digital world: what can stop an uptick in similar scams inside of the metaverse?
This year, businesses will need to be careful and considered in their approach to monetizing this nascent technology. Dragging passwords into the metaverse is a recipe for breaches. But if we are thoughtful about the controls put in place to identify users and deploy continual authentication, maybe the metaverse will take off eventually.
Here are two more predictions from another VMWare analyst:
The rise of API attacks
In 2023, we will continue to see the evolution of initial access tactics. A main goal of such access is to carry out aggressive API attacks against modern infrastructure and exploit workload vulnerabilities within an environment.
Because the majority of traffic within modern applications is API traffic, and it is often not closely monitored, this fuels lateral movement as cybercriminals continue to use evasive techniques once inside the environment to divert detection across VDIs, VMs, and traditional applications.
It may be a new year, but the primary goal of cybercriminals stays the same: gain the keys to the kingdom through four key steps: steal credentials, move laterally, acquire data and then monetize it.
RDP will fuel island hopping attacks
Last year many organizations learned the hard lesson that they are only as secure as the weakest link in their supply chain.
In 2023, cybercriminals will continue to utilize island hopping. The Remote Desktop Protocol (RDP) is regularly used by threat actors during an island hopping campaign to disguise themselves as system administrators.
In 2023, RDP is a threat that should be top-of-mind for all organizations, but particularly those in the healthcare industry.
Chad Skipper, Global Security Technologist
Two finally predictions
In 2023, we will see companies double down on cyber risk management. Boards will need to have a much clearer role and responsibility when it comes to the process of ensuring adequate controls and reporting cyberattacks. Cyber risk governance is not just the domain of the CISO: it is now clearly a Director- and Officer- level concern. When it comes to cyber, plausible deniability is dead.
Also, the issue of incident response team burnout will remain critical in the new year. Across the IT industry, we are moving toward wellness programs that help an organization’s workforce manage stress and prevent burnout, and these programs will become even more prevalent.
However, these wellness programs are just one piece of the puzzle. Over the course of 2023, it will become the role of the manager to help recognize early on when their team members are struggling, and work to address any problems before they snowball into a major issue.
Karen Worstell, Senior Cybersecurity Strategist