By Immanuel Chavoya, Emerging Threat Expert, SonicWall
2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.
In 2023, we should expect continued change as emerging tech and geopolitical conflicts meet to create an even more complicated and risky threat landscape. Here are a few trends to expect:
False Flags & Finger-Pointing
Vying for dominance in the billion-dollar cybercrime industry, threat actors are going to use the tactics of cybersecurity intelligence providers to begin flooding the market with false flags, diluting actionable intelligence and pointing the finger at competing criminal syndicates. With the rise in sanctions and global takedown coordination, threat actors will become savvy to the practices of threat intelligence providers and begin using Breach and Attack Simulation (BAS) to plant false flags, adopting cutting-edge tactics to simulate other threat actors' TTPs.
AI Accelerates Vulnerability Exploitation
AI has proven to be a valuable tool for IT and cybersecurity, but it has also introduced new threats. ChatGPT is a perfect example of this, empowering creators to quickly develop and learn to code, but also reducing the barrier to entry for threat actors. In the wrong hands, AI tools like ChatGPT can be used to create convincing phishing emails, develop malicious code, and perform faster reconnaissance. Knowing the right prompts may allow a sufficiently knowledgeable threat actor to create a near-finished proof-of-concept exploit, speeding up the weaponization of vulnerability findings and greatly reducing the technical expertise necessary to do real damage. As these tools continue to advance in 2023, developers will need to balance innovation with security, or there could be real consequences for businesses, individuals, and governments.
Geopolitical Attacks on the Rise
As geopolitical conflicts come to a head in 2023, organizations will need to be proactive – not reactive – to respond to assaults. Attacks such as targeted malware or vulnerability exploitation could be, and already are being, used to inflict chaos on critical infrastructure such as healthcare, utilities, financial institutions, and oil and gas. These attacks can tie up resources, cause financial damage, and send a signal. With mounting geopolitical threats, organizations and governments will need to be prepared over the next year by ensuring they don’t have any issues that could become low-hanging fruit for attacks, taking steps such as strengthening password security protocols and implementing multi-factor authentication. Additionally, they should closely monitor network activity for quick identification of, and reaction to, any attack.
By taking these steps and paying close attention to threat intelligence and related guidelines, organizations will be much better prepared to face the evolving threat landscape in 2023.