Common attackers rather than crime organization
Cyberattacks are carried out by hackers who belong to local groups or operate independently. Most of the hackers operating in North America and Europe are young, with the majority having no financial motive for their actions.
Ransomware targets move to Europe
Ransomware remains a serious threat to businesses worldwide, as the United States is the most targeted country by cybercriminals who use this type of attack. In addition, the number of attacks in Europe is expected to increase in 2018 due to the fact that European countries have been slow in implementing technology solutions that would help protect their citizens against ransomware attacks.
Increasing in Data Exfiltration
In the past, cybercriminals attacked with ransomware to earn millions by demanding ransom from their victims. However, in the past year attackers have shifted away from delivering ransomware and towards other types of attacks. These new exploits are believed to be more lucrative than ransomware because they require no payment and could have a wider impact on a company’s reputation. Over the next year, we will continue to see cybercriminals use exploitation techniques, but ransomware may decline as their popularity declines. Ransomware-as-a-Service (RaaS) providers will update their software to focus on espionage with malware installed on the victim’s machine; including leak sites
Information Operations (IO) will rely on outside organizations for credibility.
Information Operations/IO will increasingly rely on outside organizations to increase credibility. Historically, the IO has been politically motivated and supported by the state. This trend is likely to continue in 2023 as outsourcing work becomes more prevalent.
Organizations will turn to passwordless authentication systems. (Passwordless authentication), also known as multi-factor authentication. (Multi-factor authentication)
Security experts predict that organizations will increasingly turn to passwordless authentication systems, also known as multi-factor authentication. (Passwordless Authentication), as well as other solutions for improving authentication. By 2022, IT giants like Apple, Google and Microsoft are expected to comply with FIDO Alliance and World Wide Web Consortium standards by developing enterprise-grade identity platforms based on passwordless authentication.
Theft of users’ personal data
Cybercriminals are increasingly taking control of endpoints
rather than stealing user data, and they are increasingly targeting internal
systems. In the next few years, we will see hackers steal personal information
from users rather than gaining access to their devices. They will use social
engineering techniques and internal data harvesting after. The panel in the
system also supports this view.
Hackers are constantly evolving by reading security research using AI and ML
A trend observed in 2023 is that hackers will learn from security analysts’ articles, research and defense strategies in order to gain an advantage over their targets. They will also attempt to exploit system vulnerabilities to gain access to information.
The rise of hackers grabbing credentials
Data-stealing malware programs are widely available as an attractive alternative to more expensive solutions. These programs are less expensive to try out and take longer to develop than other, more complicated options.
When the real world meets the virtual world
Reportedly, SMS attacks, email attacks, and application redirection attacks are on the rise. This consists of deceiving victims in the real world. In one incident in 2022, the victim received a receipt for a parcel delivery in their mailbox. There is a QR code on the receipt. After scanning it will take you to a fake website that tricks you into asking for your identity and stealing credit card numbers . Of course, 2023 will see more developed attack plans. Attackers may take advantage of their everyday surroundings to deceive their victims by using advertising campaigns as well as weapons similar to those used at Black Friday sales: fake USB keys that contain malicious programs that steal personal information from computers; fake receipts designed to trick people into downloading illegal content; etc. Therefore, educating users and employees in the organization is the best defense against such attacks .
Focus on protecting infrastructure from cyber attacks
In 2023, the government will improve cybersecurity and national security records through the cooperation of large domestic technology agencies and organizations. Analysts expect that the government will review cyber-attack defense standards for organizations to meet the requirements. It is also expected to see increased sharing of cyber knowledge between public and private sector organizations.
PKF perspective
Ransomware continues to be the main attack reported. In the next year, the number of attackers is expected to soar, IO operations, financial threats, and more. The road to stronger cyber defenses has never been easy. especially for security Organizations have a lot to think about in 2023, and of course users and organizations need to help prevent these threats by responding. quick response and efficient