Guarding the critical infrastructure of the United States will remain a top priority for those in the realm of cybersecurity. However, it won’t be the only target for hackers, cyber criminals, and even bad actors working at the behest of rogue states such as Iran and North Korea.
Phishing, man in the middle, and social engineering campaigns could become more sophisticated and will likely continue to increase at an alarming rate, warn the cybersecurity researchers at Veridium.
The Past Landscape
In other words, many of the threats from last year will remain this year, but at even more significant levels.
“Third party breaches will play a larger role due to variation in security practices and orphaned or overarching access rules,” explained Baber Amin, chief operations officer at Veridium.
Moreover, the lack of consistent multi-factor authentication could continue to create breach opportunities, while inconsistent access control rules will play a larger role in breaches across build and deploy pipelines.
“The bad guys are still breaking digital windows and kicking down digital doors, so to speak, and will continue well into 2023 and beyond,” said Ted Miracco, CEO of security provider Approov.
“The growing number of man-in-the-middle (MITM) attacks is a serious threat as hackers position themselves between unwitting consumers and a vendor portal to steal credentials, access codes, and certificates as it is being transferred,” Miracco noted. “Neither detects the hack and presumes a normal exchange of data. Meanwhile, the cyber thief has made off with the consumer’s digital identity, banking data or health records by using the API keys that were lifted in transit.”
Last year also saw the threats to critical infrastructure and industrial control systems (ICS) expanded.
“Remarkable threats against critical infrastructure included the use of wiper malware, ransomware, the development of advanced hacking tools tailored specifically to target industrial systems, and the emergence of threat actor groups dedicated to attacking critical infrastructure and ICS,” suggested Andrew Bayers, director of threat intelligence at Resilience.
Hacking Trends To Watch For In 2023
“In 2023, we expect nation-sponsored advanced persistent threats (APTs) pursuing military objectives to continue targeting critical infrastructure and ICS (industrial control systems),” added Bayers. “Their targets of interest are typically assets they can exploit to disrupt or destroy PLCs and safety systems compromising the cyber-physical processes. Financially driven threat actors will continue to pose a significant threat to critical infrastructure.”
1. Quantum Computing Could Impact Encrypted Data
Geo-politics will continue to have a big impact on the threat landscape, especially as cyber has become a force multiplier for those rogue nations. This will be amplified, thanks to the power of quantum computing and its ability to target encrypted data.
“Many nations and attackers believe that quantum is the future of cyber power which has started a race to develop the strongest capabilities in this area,” said Chris Vaughan, vice present of technical account management at cybersecurity research firm Tanium.
The technology has the potential to cause huge disruption and damage if it falls into the wrong hands.
“Western governments and companies hold some of the most cutting edge research in this area and it needs to be protected,” said Vaughan. “The cybersecurity sector should be keeping a close eye on this because whilst overall adoption of the technology is still relatively low, it’s increasing steadily.”
2. More Readily Available Hacking Tools
Even without quantum computing, hacking could become increasingly easier due to the fact the tools are being made available on the Dark Web.
“Malicious cyber tools are becoming more available to be purchased online which is leading to a greater number of attacks that are also less predictable,” warned Vaughan. “This includes vulnerabilities and exploits as well as hackers for hire, dramatically lowering the barrier of entry for anyone interested in launching a cyber attack. Ransomware as a Service (RaaS) is an example of how less sophisticated cybercriminals are becoming able to extort organizations with advanced tools. This will continue to be a huge problem, especially for the private sector, in 2023.”
The problem could be compounded by our ever-connected world, where one unprotected device could leave an entire network vulnerable.
“As Internet of Things (IoT) device usage grows, we expect to start seeing an increased number of attacks on IoT,” suggested Amin. “This includes all aspects of IoT infrastructure, i.e. control channel, device communication, data or signal integrity, device takeover, etc. We will also see the increased usage of artificial intelligence (AI) and machine learning to gain unauthorized access to networks and data.”
3. Ransomware on a Decline
One bright spot noted by cybersecurity researchers is that ransomware actually may have seen a decline. According to Comparitech’s U.S. ransomware tracker, the number of recorded publicly-reported attacks in 2022 was 335 compared to 676 a year earlier.
“Ransom demands remained high, dropping from an average of $5.5 million 2021 to $4.74 million 2022. The business sector noted a huge increase in its average ransom demand, however, rising from an average of $8.4 million in 2021 to $13.2 million in 2022,” explained Rebecca Moody, head of data research at Comparitech.
“Equally, while the number of records impacted in these attacks dropped significantly (falling from 43.6 million 2021 to just over 17.3 million in 2022), the average number of records involved in each attack remained quite similar,” she added. “On average, 2021 saw nearly 117,000 records impacted per ransomware attack, while 2022 saw 96,161 records affected.”
However, more formalized approaches for ransomware could still make the barrier for entry lower thereby making it a more accessible to a broader base of criminals.
“This in turn creates a greater number of attackers and sophisticated campaigns to guard against,” said Tim Morris, chief security advisor for the Americas at Tanium.
Moreover, the global disruption of criminal networks in the wake of the geo political conflict has made ransomware and extortion more commonplace.
“As ransomware increasingly turns into extortion opportunities which are simpler to execute, we can expect to see this trend to continue,” warned Morris. “It’s important to understand that there are many splinter groups that rely on ransomware and extortion to fund illicit operations and even state-sponsored campaigns.”