The second half of 2022 saw several high-profile data breaches. Attacks ranged far and wide, from major corporations such as Optus and Medibank to smaller businesses, leaving CISOs and boards concerned. And it has brought cybersecurity into the public eye on a whole new scale.
Mimecast’s APAC Field CTO Garrett O’Hara says 2023 will continue to present challenges, with tried-and-tested attacks set to continue while some new tactics also come into play.
“Preparedness and organisation-wide awareness about cybersecurity are going to be more important than ever, as we will most likely see brands that have already been hit in 2022 become the target of further attacks in 2023,” he says.
“Social media and instant messaging will also become the new hunting ground for bad actors with impersonation attacks targeting new staff members set to peak – particularly as people change jobs early in the year.”
Cybersecurity predictions for 2023:
History will repeat
High-profile data breaches will continue to hit the headlines with many victims from 2022 making it back into the news in 2023.
“We have seen organisations being attacked by relatively unsophisticated initial methods this year. This is due to the lack of risk appreciation or cyber skills at board and executive level leading to a lack of appropriate investment in tools or execution,” says O’Hara.
“So, we will most likely see organisations that have already been hit go through second breaches. It takes time to build and increase a security posture, whereas attackers can go after an organisation again relatively quickly.
“Could we see the first bankruptcy happen due to a cyberattack? Time will tell.”
The evolution of phishing
Phishing attacks will continue to iterate, as they are low-cost and offer a high return on investment for cyber criminals, especially initial access brokers. However, they will move further away from traditional email and shift towards social media and instant messaging platforms, which are out of scope for most security tools.
“We haven’t hit ‘peak phishing’ yet and are seeing an escalation in target value and impact,” says O’Hara. “This was predicted years ago, and unfortunately, we are yet to see what it means when a truly high-impact attack happens. I suspect energy, healthcare and financial institutions will be hit in the coming years.”
New starters beware
Our research suggests that a phishing email impersonating a colleague has the highest chance of success, so impersonation attacks targeting new employees are likely to become more common.
“As new appointments make a splash on LinkedIn, they will become susceptible to fake welcome emails from ‘senior executives’ or fake company onboarding portals. These will be used for credential harvesting, account takeover or even multistage malware droppers in some cases,” says O’Hara.
“New starters need to be made aware of these risks as part of their onboarding, to avoid personal and business information falling into the wrong hands.”
A familiar voice?
Just when you thought it was safe to have someone call you to verify that their email is legitimate, threat actors will take social engineering to the next level.
“As AI voice cloning technology becomes more powerful and readily available, we will see an increase in impersonation attacks that utilise audio deepfakes. These will be used in combination with compromised email and collaboration accounts,” says O’Hara.
Global response to cyberattacks
O’Hara says that as cyberattacks become more visible and their impact on end users is better understood, governments’ political responses will increase.
“We have seen some of the fallout from the Medibank data breach with the recalling of Russian diplomats once Russia was attributed to the attack,” he says.
“As the impact of cyberattacks becomes more visible, we’ll also see politicians ride that wave for support and take a harder line on cybersecurity.”