Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Leadership and ManagementLogical Security

2023 cybersecurity outlook: Crime keeps on slippin’ into the future

By Aamir Lakhani
black screen with multicolored text

Image via Unsplash

March 16, 2023

If security leaders hoped that 2022 would be a year to collectively catch a breath after the global turmoil of the previous two years, hopes were dashed. In almost all facets, 2022 has been a tumultuous year — and that goes double for cybersecurity. From increased attacks on critical infrastructure to the rising use of cyber warfare, it’s been a busy year for security professionals, forcing security leaders to evolve faster and faster as bad actors come up with new methods.

The kicker: 2023 will see more of the same, plus some new methods of attack and strategy, like the increase of Crime as a Service, risks from the metaverse and more wiper ware, to name a few. The upside? With the right knowledge and preparation, security teams can stay one step ahead.

The rise of CaaS and RaaS

Security teams globally should anticipate that ransomware attacks will continue to increase in popularity in 2023, if the growth of these assaults in 2022 is any indication of what the future has in store. The tremendous growth of new ransomware variations is largely due to an increase in Ransomware as a Service (RaaS) subscriptions on the dark web.

With the success of RaaS, a growing number of other attack vectors will be made accessible as a service through the dark web to support the considerable growth of Cybercrime as a Service (CaaS). There will be an increase in smaller, one-off services in addition to the sale of malware such as ransomware. Threat actors of all skill levels are drawn to the CaaS business model because it allows them to immediately access readymade services without having to invest time and money in creating their own attack strategy.

Offering attack portfolios as a service also provides a simple, quick and consistent source of income for seasoned hackers. Subscription-based CaaS might be able to make more money in the future. Threat actors will also begin to employ cutting-edge attack techniques like deepfakes, expanding the market for these audio and video recordings and related algorithms.

The metaverse

The metaverse is bringing about new, completely immersive experiences in the online landscape. Cities are among the first to venture into this new version of the internet powered by augmented reality. The possibilities are almost endless; even digital goods are being launched by retailers for sale in these virtual environments. These new virtual destinations provide a wealth of opportunities, but they also pave the way for an unparalleled rise in cybercrime in this uncharted area. 

An individual, for instance, is a prime target for attackers since their avatar effectively serves as a gateway to their personally identifiable information (PII). As people buy products and services in virtual cities, all means of payment — digital wallets, cryptocurrency exchanges, NFTs and any other currencies used in transactions — provide threat actors with another new attack surface. 

The AR and VR-driven elements of virtual cities might also make biometric hacking a genuine possibility. That would make it simpler for cybercriminals to obtain retina scans, face recognition data or fingerprint mapping and exploit them for nefarious purposes. Additionally, these environments’ transactions, protocols and apps are all potential targets for attackers.

Wipers gain traction

Attackers have resurrected wiper malware in 2022 by releasing fresh iterations of this 10-year-old attack strategy. The danger moving forward is the commoditization of wiper malware, which goes beyond the current reality of attackers combining a computer worm with wiper malware and even ransomware for optimal effect. Criminal organizations could adopt and reuse malware that was created and disseminated by nation-state actors; this malware could be used throughout the CaaS paradigm. Given the coordinated nature of cybercrime nowadays, wiper malware could wreak extensive devastation in a short timeframe if the correct exploit were combined with it. Time to discovery and the speed at which security teams can take corrective action are therefore crucial.

What needs to happen next

Organizations need to upgrade their security solutions with machine learning and AI so their security teams can spot attack patterns and immediately address threats. And ongoing cybersecurity awareness training is a must. Cyber hygiene for all employees must be a priority, as well as regular updates to train them on the latest threats. 

In order to better prepare before attacks occur, it will be crucial to look outside the organization for hints about potential attack strategies. Digital risk protection (DRP) services are essential for conducting external threat surface assessments, identifying and fixing security flaws and gaining contextual insights into present and impending dangers before an attack happens.

As cybercriminals continue to evolve their tactics and strategies, so must IT security teams. Old malware dogs are learning new tricks, and new situations like the metaverse and smart cities are creating potential security disasters. Use the recommendations noted above to build an automated, coordinated and integrated security approach to meet the scale and speed of current and future threats.

KEYWORDS: business resilience cyberattack cybercrime malware ransomware

Share This Story

Aamir Lakhani is a cybersecurity researcher and practitioner at FortiGuard Labs.

Blog Topics

Security Blog

On the Track of OSAC

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Red laptop

Cybersecurity leaders discuss Oracle’s second recent hack

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing