Unfortunately, the reverse will likely be the case, as one cybersecurity firm’s research center experts make their annual threat forecast
Forecasts from the Trellix Advanced Research Center anticipate spikes in geopolitically motivated attacks across Asia and Europe; hacktivism fueled by tensions from opposing political parties; and vulnerabilities in core software supply chains in 2023.
According to the firm’s Head of Threat Intelligence, John Fokker: “Analyzing current trends is necessary, but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture. Global political events and the adoption of new technology will breed novel threats from more innovative threat actors.”
Trellix forecasts the following threats in 2023:
- Geopolitics and grey-zone conflict: Geopolitical factors will continue to be a high motivation for misinformation campaigns and cyberattacks timed with kinetic military activity.
- Hacktivism takes center stage: As groups of loosely organized individuals fueled by propaganda align for a common cause, they will ramp up their use of cyber tools to voice their anger and cause disruption across the globe.
- ‘Skeletons in the software closet’ will multiply: Both threat actors and security researchers will heighten their study of underlying software frameworks and libraries that can result in an increase in issues and breaches up and down the supply chain.
- Increasing incidence of cyber activity by teen cybercriminals: Teens and young adults will engage at increasing levels in cybercrime — everything from large-scale attacks on enterprises and governments to low-level crimes that target family, friends, peers, and strangers.
- Code-based attribution is declining in attribution accuracy: The outsourcing of malware creation and operation; diversification of malware development; and the use of leaked source code will make attribution of cyber threats to specific threat actors increasingly challenging.
- Imminent global cyber threat to critical infrastructure: A significant rise in advanced (state-sponsored) cyber actors causing disruptions to critical infrastructure in vulnerable targets will be observed.
- With more collaboration comes more phishing: Weaponized phishing attacks will increase across commonly used business communication services and apps.
- “Alexa, start mining bitcoins”: The advanced capabilities of consumer and enterprise IoT devices will be leveraged by hackers to mine cryptocurrencies.
- Space hacking — only go up from here: The compromise of satellites and other space assets will increase and become more public in 2023.
- Here is my number — so call me, maybe: There will be a huge jump in reverse-vishing aka voice phishing attacks, with less tech-aware users being the primary targets.
- Attacks against Windows domains will scale: More domain privilege escalation vulnerabilities will be discovered, as well as more real-world attacks against Microsoft Windows — with the explicit goal of complete network takeover.