Cyber criminals never stand still. They constantly improve their methods and intensify their attacks on available targets. In 2023, companies will once again be faced with the task of further optimizing their IT defenses. When it comes to cyber insurance, a good defense is also expected or there is no policy.
2022 was not a quiet year for IT security either. Hackers have crossed new frontiers: Organized criminals attacked governments, like Accounts in the case of Costa Rica. The Lapsus$ group attacked well-known players in the digital economy such as Microsoft, Nvidia, Uber, Globant and others. Hacker collectives developed sophisticated, powerful tools for Advanced Persistent Threats (APT) on customer request. Attacks on healthcare providers have also increased. In Germany, attacks on the city of Potsdam, ThyssenKrupp and the bicycle manufacturer Prophete at the end of the year showed that no IT and no victim is beyond the reach or interest of hackers and that cyber attacks can, under certain circumstances, accelerate the insolvency of a medium-sized company.
Five cybersecurity trends in 2023
Internet of Things: An increasing number of vulnerabilities are being patched slowly
Cyberhackers will continue to exploit pre-existing vulnerabilities in the many Internet of Things (IoT) platforms or devices. Incorrect authentication procedures, lack of protection when transferring data, incorrect cloud configurations, remote code execution, command injection attacks or data protection problems are widespread and constant problems in IoT security. They require cooperation between hardware manufacturers and the IT security industry. The latter will not stop turning to device manufacturers to disclose vulnerabilities and urge manufacturers to patch.
An important step on the way to more IoT security in the smart home is the Matter Protocol, which was passed in 2022. Its specifications improve the prospects that a larger part of the IoT market will take security-related steps - towards interoperability, simplicity and common security standards. However, this process will remain a long-term one until governments introduce mandatory requirements for IoT devices. Steps to this are the IoT Cybersecurity Improvement Act of 2020 in the USA or in the European Union the law on cyber resilience, which will probably not come until 2025.
Persistent ransomware, dangerous drivers and bootloaders
Ransomware will remain a constant threat, especially for Microsoft Windows systems. The deployment of new malware is accelerating rapidly because Attackers can deploy ransomware-as-a-service (RaaS) kits, to easily and cheaply develop and play numerous variants.
In 2022, the ransomware actors have adapted to the changing circumstances. They improved the extortion technologies and also modified their programming language. Hackers will increasingly write code in previously unfamiliar languages such as Rust, Go or Swift. The BlackCat RaaS group, for example, developed its malware with Rust, a programming language that is generally considered to be more secure than C and C++, for example. Security professionals find it difficult to identify and analyze such threats. In addition, attackers with such code can attack a larger number of users with different operating systems.
Hackers are also increasingly exploiting powerful UEFI boot kits such as BlackLotus for their purposes. Mere antivirus tools may not be able to detect manipulated bootloaders. Until now, these tools have only been associated with experienced hackers or APT groups. Now anyone can buy them.
Mobile devices, phishing, fake apps and the war continues
Jörg von der Heydt, Regional Director DACH at Bitdefender (Image: Bitdefender).
Attackers will continue to use SMS messages to deploy malware on Android devices, such as the Flubot banking Trojan. Android Trojans are difficult to prevent from spreading. In addition, users can easily adapt their tools to the current social and political situation: the text of the SMS with the link to malware can report a failed parcel delivery today and make an offer tomorrow to save energy costs. The day after tomorrow she supposedly shares a friend's picture. In reality, the malware downloaded by the victim spies on contacts and financial data.
Attackers will continue to use fake apps to proliferate spyware and other malware. These apps are disguised as legitimate Google Play Store applications. They target gullible users who are tricked into installing malicious software by appropriate messages, social media apps, or even voice calls. This then enables remote access and financial fraud.
Cyberwar events in and around the Ukraine conflict will also continue. In response to Ukrainian recaptures, Russian hacktivists are likely to strike back and continuously invade Ukrainian and Western organizations with malware. APT groups supported by the Russian state are very likely to offer their malware-as-a-service to any interested attacker.
Proactive cyber security desired
But cyber security is also evolving. Needless to say, the market for security solutions will continue to grow. But customers have new needs. one Bitdefender Global Cybersecurity Posture Survey December 2022 According to them, more and more companies want to move away from traditional defenses and towards holistic approaches of prevention, detection and response. 53% of 1.693 companies and organizations surveyed in over 100 countries already choose this trio, with 12% testing a more proactive security strategy. 32% consider adopting a more proactive defensive strategy in the near future.
Cyber security teams will also grow, especially since the IT defense staff is much weaker than expected. There is still a need to catch up here. According to the cited Bitdefender study, only 18% of the survey participants employ an IT team member exclusively for IT security tasks. For most IT departments, security is just one task among many. This will continue to be the case.
But the expansion is encountering difficult conditions. Companies see financial problems due to the generally uncertain economic climate, which is characterized by high risks of recession. In addition, there is also the dramatic lack of staff in this country. According to Bitkom, there is a shortage of 137.000 IT specialists in the German private sector. Such factors increasingly motivate those responsible to use integrated and partially automated technologies or services.
Subscribe to our newsletter now
Read the best news from B2B CYBER SECURITY once a monthDifficult insurance protection
An effective cyber policy is tied to criteria that are constantly being raised and applied more strictly. In 2022, providers of such policies began tightening requirements and increasing premiums. The board of directors of the Swiss insurance company Zurich considers cyberspace “no longer insurable” in the future. In concrete terms, insurance companies therefore ask about suitable measures to check and monitor IT systems and, when concluding the contract, make a binding demand that policyholders comply with the required criteria. Managed Detection and Response services will be an important argument for companies to obtain insurance cover in the future.
More at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de