If security leaders hoped that 2022 would be a year to collectively catch a breath after the global turmoil of the previous two years, hopes were dashed. In almost all facets, 2022 has been a tumultuous year — and that goes double for cybersecurity. From increased attacks on critical infrastructure to the rising use of cyber warfare, it’s been a busy year for security professionals, forcing security leaders to evolve faster and faster as bad actors come up with new methods.
The kicker: 2023 will see more of the same, plus some new methods of attack and strategy, like the increase of Crime as a Service, risks from the metaverse and more wiper ware, to name a few. The upside? With the right knowledge and preparation, security teams can stay one step ahead.
The rise of CaaS and RaaS
Security teams globally should anticipate that ransomware attacks will continue to increase in popularity in 2023, if the growth of these assaults in 2022 is any indication of what the future has in store. The tremendous growth of new ransomware variations is largely due to an increase in Ransomware as a Service (RaaS) subscriptions on the dark web.
With the success of RaaS, a growing number of other attack vectors will be made accessible as a service through the dark web to support the considerable growth of Cybercrime as a Service (CaaS). There will be an increase in smaller, one-off services in addition to the sale of malware such as ransomware. Threat actors of all skill levels are drawn to the CaaS business model because it allows them to immediately access readymade services without having to invest time and money in creating their own attack strategy.
Offering attack portfolios as a service also provides a simple, quick and consistent source of income for seasoned hackers. Subscription-based CaaS might be able to make more money in the future. Threat actors will also begin to employ cutting-edge attack techniques like deepfakes, expanding the market for these audio and video recordings and related algorithms.
The metaverse is bringing about new, completely immersive experiences in the online landscape. Cities are among the first to venture into this new version of the internet powered by augmented reality. The possibilities are almost endless; even digital goods are being launched by retailers for sale in these virtual environments. These new virtual destinations provide a wealth of opportunities, but they also pave the way for an unparalleled rise in cybercrime in this uncharted area.
An individual, for instance, is a prime target for attackers since their avatar effectively serves as a gateway to their personally identifiable information (PII). As people buy products and services in virtual cities, all means of payment — digital wallets, cryptocurrency exchanges, NFTs and any other currencies used in transactions — provide threat actors with another new attack surface.
The AR and VR-driven elements of virtual cities might also make biometric hacking a genuine possibility. That would make it simpler for cybercriminals to obtain retina scans, face recognition data or fingerprint mapping and exploit them for nefarious purposes. Additionally, these environments’ transactions, protocols and apps are all potential targets for attackers.
Wipers gain traction
Attackers have resurrected wiper malware in 2022 by releasing fresh iterations of this 10-year-old attack strategy. The danger moving forward is the commoditization of wiper malware, which goes beyond the current reality of attackers combining a computer worm with wiper malware and even ransomware for optimal effect. Criminal organizations could adopt and reuse malware that was created and disseminated by nation-state actors; this malware could be used throughout the CaaS paradigm. Given the coordinated nature of cybercrime nowadays, wiper malware could wreak extensive devastation in a short timeframe if the correct exploit were combined with it. Time to discovery and the speed at which security teams can take corrective action are therefore crucial.
What needs to happen next
Organizations need to upgrade their security solutions with machine learning and AI so their security teams can spot attack patterns and immediately address threats. And ongoing cybersecurity awareness training is a must. Cyber hygiene for all employees must be a priority, as well as regular updates to train them on the latest threats.
In order to better prepare before attacks occur, it will be crucial to look outside the organization for hints about potential attack strategies. Digital risk protection (DRP) services are essential for conducting external threat surface assessments, identifying and fixing security flaws and gaining contextual insights into present and impending dangers before an attack happens.
As cybercriminals continue to evolve their tactics and strategies, so must IT security teams. Old malware dogs are learning new tricks, and new situations like the metaverse and smart cities are creating potential security disasters. Use the recommendations noted above to build an automated, coordinated and integrated security approach to meet the scale and speed of current and future threats.