Nobody can say for sure what the future holds. As Eugène Ionesco said, "You can only predict things after they have happened." However, looking back at recent trends in cyber-criminal behavior, we can get some idea of what attackers may get up to in the coming year.

The continued rise of ransomware

A firm hacker favorite in 2022 was ransomware, in which hackers infiltrate an organization’s system, encrypt its files and demand a ransom for their safe return to the owner. According to leading cybercrime analytics company SpyCloud, 90% of businesses surveyed in 2022 reported having been affected by ransomware. The average cost of such a breach was USD 4.54 million – and that’s before the ransom itself was paid.

Fueled by their success, cyber criminals continue to hone their ransomware skills, even going so far as to offer ransomware as a service – a lucrative business proposal with low barriers to entry, even for attackers with no technical skills of their own. As part of this phenomenon, experts expect that social engineering techniques such as phishing, in which emails, websites and SMS messages are used to trick people into giving up personal information, will become increasingly sophisticated and successful.

The vulnerability of connectivity

As the number of Internet of Things (IoT) devices continues to grow, this increased connectivity makes our data more accessible to hackers. Since devices such as smart wearables, cars and industrial machines do not themselves store sensitive data, they are often overlooked when it comes to securing them. However, hackers can use these ‘always-on’ devices to get into other devices in the same network to steal credentials and passwords, obtain company data, carry out reconnaissance, or deliver malware. In the coming year, regulators are set to put in place certain measures to enhance security around connected devices. In the US, for example, cybersecurity labelling standards that explain to consumers the risks of using such devices are due to come into force in the first quarter of 2023.

Cloud concerns

Gartner has estimated that 95% of assignments will be deployed to the cloud by 2025, making it a safe bet that cyberattacks on cloud services, infrastructure and applications will continue to rise – especially as encryption, authentication, and audit logging are not commonly offered by cloud providers. Assisted by ongoing remote working practices that rely on cloud storage and collaboration tools to keep team members connected, hackers are also using cloud technology to their advantage, exploiting it to spread malware and other malicious content. 

State-sponsored attacks

As political tension increases between Russia and Ukraine, China and the West, and Iran (both internally and beyond its own borders), state actors are expected to continue using cyberwarfare as a weapon of war. This may take the form of disseminating disinformation and attacking digital infrastructure in parallel to the battle waged on the ground, intellectual property theft, or disruption of critical infrastructure. Governmental elections are another attractive target for hacktivists seeking to influence the outcome to their own benefit. With around 60 elections due to take place in 2023, there will be plenty of opportunity.

Targeting critical infrastructure

In the coming year, the threats mentioned so far will all be major risk factors for the critical infrastructure sector, including energy, healthcare and transportation. At one end of the scale, we’ll likely continue to see the kind of scams in which fake emails and text messages are sent to energy customers to steal their personal information. At the other end, there’s large-scale disruption of energy networks by state actors, of the kind seen in the recent Russian attacks on Colonial Pipeline and SolarWinds. In between, there is likely to be exploitation of IoT and OT vulnerabilities by cyber criminals, espionage into green technology and energy policies, and more…

Fighting back

Looking ahead, there is plenty that organizations can do to keep up with the evolving cyber threat landscape – especially if business leaders and cyber experts work together. 

Advances in Artificial Intelligence and Machine Learning have made it possible to automatically detect and prevent threats by analyzing huge sets of data quickly and accurately. These technologies enable security teams to pick up on unusual activity, such as increased traffic from a certain source or changes in user behavior patterns, so that they can take pre-emptive action against anticipated threats.

Gartner reports that zero-trust network access is the fastest-growing segment in network security, forecast to grow 31% in 2023. Based on a principle of ‘guilty until proven innocent’, every user, from the newest, most junior recruit to the CEO, is required to be approved to access the network, which contributes to a more robust and resilient security environment.

Ultimately, according to Forbes, creating a culture of cyber-awareness is one of the most important steps an organization can take to protect itself from cyberattack. Teaching people at all levels, in all roles, how to take basic precautions, rather than thinking of cybersecurity as an issue for the IT department to deal with, can go a long way to preventing the 88% of cyber events caused by human error.