Every year brings new challenges for cybersecurity as cybercriminals learn to adopt new technologies to carry out increasingly more sophisticated attacks. But 2022 was a more quiet year, with fewer notable incidents compared to previous years. However, that does not mean cybercriminals were not busy. Ransomware attacks were carried out, new cybergangs emerged, data breaches occurred, and damages worth trillions of dollars were caused.
In 2022, cybercrime, ransomware, in particular, remained one of the biggest headlines, not only because of carried-out attacks but also because some major arrests were made. Most notably, members of the notorious Lapsus$ cyber gang were arrested in early 2022. The year 2023 will not be drastically different and trends will remain more or less the same. We can expect more focus on privacy in 2023, with certain regulations coming into effect. We may also see cybercriminals using more sophisticated technologies in their attacks, as well as witness certain gradual changes in the ransomware landscape. It’s also an easy prediction that Russia will carry out state-sponsored cyberattacks not only against Ukraine but also its allies, including the US. And lastly, by the end of 2023, damage caused by cybercrime will have exceeded $8 trillion.
What you can expect in cybersecurity in 2023
Increased focus on privacy
Following the California Consumer Privacy Act (CCPA) that took effect on January 1, 2023, companies should expect even more scrutiny when it comes to how they handle consumer data. This is good news for consumers as they will get more control over what companies can do with their data. Privacy laws differ in different US states but we will likely see privacy become one of the main priorities in 2023 as consumers are becoming increasingly more concerned with what organizations do with their information and whether their privacy is protected. With GDPR, European countries already have one of the strictest privacy laws but other countries will likely follow as well, as privacy becomes one of the main topics.
Ransomware groups may change strategies but continue to carry out targeted attacks
According to certain statistics, ransomware has started declining in the last year, with a more than 20% decrease compared to 2021. This may be the result of many factors, including stricter regulations when paying the ransom, as well as victims being more prepared to mitigate attacks. Whether this trend continues only time will tell but this certainly does not mean that cybercriminals will halt their malicious activities. Rather, it’s likely that in the near future, ransomware operators will start changing their strategies. Instead of only encrypting files, more ransomware gangs will focus on exfiltrating files in order to threaten victims into paying the ransom or simply sell the data to other cybercriminals.
After large-scale and significant ransomware attacks, particularly the Colonial Pipeline attack, there have been changes in how an affected company should deal with an attack. It’s somewhat more complicated for victims to pay the demanded ransom because of stricter regulations that require cyber incident reporting when paying the ransom. Furthermore, insurance companies are getting less and less inclined to reimburse ransom payments, which will also contribute to the decline. Businesses are also better prepared to deal with ransomware attacks because of reliable backups, as well as operation recovery plans. All of this may contribute to the changing ransomware landscape.
Large-scale targeted ransomware attacks are one thing that is not going to change in 2023 or in the near future. While such attacks require more preparation, resources, and effort, they bring in significantly larger sums of money. However, ransomware gangs will need to select their targets very carefully in order to not attract too much attention as increased scrutiny has already resulted in many arrests. It’s likely that more notable ransomware groups will rebrand with new names in 2023 in order to avoid the spotlight and the problems it brings.
More sophisticated phishing attacks
As is the case every year, we can expect that cyberattacks will become increasingly more sophisticated. Regular users will continue to deal with mostly poorly-made phishing emails with grammar and spelling mistakes because this method is relatively low-effort but can have high rewards. However, attacks aimed at specific targets will be much more sophisticated. Phishing attempts will be personalized and well-written, as well as have all the relevant logos to make them almost indistinguishable at first glance. To carry out such phishing attacks successfully, malicious actors need to put in a lot of work and time, which is why such attacks will be reserved for high-level targets. It’s also worth mentioning that cybercriminals will use artificial intelligence to enhance their phishing attempts. Social engineering attacks using audio and video will become increasingly more common.
More sophisticated phishing attacks mean companies need to up their security as well. That includes training employees to spot potential attacks.
Cyberattacks originating from Russia will continue
Russia has always been a safe haven for cybercriminals and cyber gangs. The country is also no stranger to performing state-sponsored cyber attacks. As Russia continues to suffer losses in the war it started against Ukraine, it’s likely that the number of cyberattacks originating from Russia will increase. Ukraine will not be the only target, as Russian hackers will also attack Western countries for their continued support of Ukraine and the enforced sanctions. Critical infrastructure and sectors including energy, financial services, shipping, etc., will likely be targeted for the sake of disruption. In order to cause as much disruption as possible in both Ukraine and its allied countries, Russia’s state-sponsored attacks will likely forgo ransom demands and focus on shutting down critical infrastructure and preventing access to it. Whether it will be successful in doing so is another question. But considering Russia’s long history of cybercrime, the threat of a cyberattack should not be taken lightly.
Cybercrime damage will reach an all-time high
This one is not difficult to predict as damage from cyberattacks has been steadily raising for years now. But in 2023, cybercrime damage cost is expected to be above a staggering $8 trillion. It’s also expected that cybercrime costs will grow by 15% per year over the next three years, reaching $10.5 trillion by 2025. Data damage, stolen money, intellectual property theft, productivity loss, downtime, regular operation restoration, file recovery, forensic investigation, etc., are all included in calculating damage caused by cybercrime.