Security 2023: Hybrid working world and connected cars in sight

Security 2023: Hybrid working world and connected cars in sight

Share post

Trend Micro publishes its cyber security predictions for 2023. In it, the company predicts an increase in cyber attacks in the areas of home office, software supply chain and cloud. And that MSPs, the hybrid working world and connected cars will increasingly be targeted by cyber attacks.

According to the security researchers at Trend Micro, VPNs (Virtual Private Networks) in particular are an attractive target for cybercriminals, because the breach of a single solution can attack several corporate networks at the same time. Home devices such as routers are also an easy target for attack, as they are often unpatched and not managed by a central IT department.

Study: Trend Micro Security Predictions for 2023

In addition to the threat to the hybrid workforce, the Future/Tense: Trend Micro Security Predictions for 2023 study identifies several trends that IT security leaders should pay particular attention to in 2023:

  • A growing threat comes from supply chain attacks on managed service providers (MSPs). Threat actors use these to gain access to a larger number of customers and can thus further increase the power of ransomware, data theft and other types of attacks.
  • "Living off the cloud" techniques provide a way for cybercriminal groups targeting cloud infrastructures to hide from conventional security solutions. For example, an existing backup solution can be misused to store stolen data in a different storage location in the attacker's cloud.
  • Connected vehicles will also increasingly become the target of cyber attacks in 2023. This happens, for example, via cloud APIs, which are located between the permanently installed SIMs in the vehicle (eSIMs) and the application servers in the backend. In a worst-case scenario (such as the successful hacking of the Tesla API in early 2022), a successful cyberattack gives threat actors access to the entire vehicle. Malware lurking in open source repositories also poses a threat to connected vehicles and the automotive industry.
  • Ransomware-as-a-Service (RaaS) Groups will reconsider their business model as the power of double-extortion attacks diminishes. The security predictions assume that some players will focus on the cloud in the future, while others will turn their backs on ransomware entirely in order to make money through other forms of extortion, such as data theft.
  • Social Engineering Attacks are becoming even more successful with Business Email Compromise (BEC)-as-a-Service and the increasing use of deepfakes.

How organizations should address threats in 2023

  • A zero trust strategy, which is based on the mantra “never trust, always verify”, can minimize damage without impacting user productivity.
  • Training and the comprehensive sensitization of employees turn a weak link in the security chain into an effective line of defense.
  • Consolidation onto a unified security platform for monitoring the entire attack surface and Detection & Response improves an organization's ability to detect suspicious activity on its networks, reducing the burden on security teams and maintaining their efficiency.
  • Stress tests for IT infrastructures can improve defensive capabilities - especially where a perimeter gateway has already been breached.
  • A Software Bill of Materials (SBOM) for each application improves vulnerability management. In this way, companies have an overview of all code, regardless of whether it was developed in-house, purchased from commercial vendors, or obtained from third-party sources.

"Even with the decline of the corona pandemic, working from home will remain part of our working lives," says Richard Werner, Business Consultant at Trend Micro. “This means that in 2023, threat actors will once again focus on unpatched VPNs, connected, home office devices, and backend cloud infrastructure. However, companies can take countermeasures by freeing up their security teams, gaining a comprehensive overview of their attack surface and consolidating detection and response into one comprehensive platform.”

More at TrendMicro.com

 


About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.


 

Matching articles on the topic

Cyber ​​danger: HTML smuggling

With HTML smuggling, the malicious file is first created on the user's computer. That's why traditional anti-malware programs and sandboxes detect it ➡ Read more

Companies spend 10 billion euros on cybersecurity

Germany is arming itself against cyber attacks and is investing more than ever in IT and cyber security. In the current year the ➡ Read more

I-Soon: China's state-run foreign hackers exposed 

Internally, it is certainly the biggest betrayal of China: an employee of the I-Soon company revealed data and services ➡ Read more

Growing threats over the last year

In 2023, threats have increased significantly. Attacks via encrypted channels have increased by 24 percent. The manufacturing industry is back on track ➡ Read more

New scam Deep Fake Boss

Unlike classic scams such as the email-based boss scam, the Deep Fake Boss method uses high-tech manipulation ➡ Read more

Data protection: trends in 2024

What challenges could companies face in the area of ​​data protection this year? And how can you relate to that? ➡ Read more

These threats have shaped 2023

In 2023, botnets returned from the dead, ransomware actors found creative ways to make money from theft, and threat actors ➡ Read more

FBI, Europol, NCA: APT group LockBit smashed!

According to the authorities, Europol, the FBI and the British NCA have dismantled the APT group LockBit. At least she has ➡ Read more