Could 2023 be the year of the 'cyberdemic'?

The second half of 2022 has seen several high-profile data breaches taking place. Attacks ranged far and wide, from major corporations such as Optus and Medibank to smaller businesses, leaving CISOs and boards concerned. And it’s brought cybersecurity into the public eye on a whole new scale.

Mimecast’s APAC Field CTO Garrett O’Hara said 2023 will continue to present challenges with the tried and tested attacks set to continue, while we will also see some new tactics come into play.

“Preparedness and organisation-wide awareness about cybersecurity is going to be more important than ever, as we will most likely see brands that have already been hit in 2022 become the target of further attacks in 2023,” he said.

“Social media and instant messaging will also become the new hunting ground for bad actors with impersonation attacks targeting new staff members set to peak — particularly as people change jobs early in the year.”

Here are his cybersecurity predictions for 2023:

History will repeat

High-profile data breaches will continue to hit the headlines with many victims from 2022 making it back into the news in 2023.

“We have seen organisations being attacked by relatively unsophisticated initial methods this year. This is due to the lack of risk appreciation or cyber skills at board and executive level leading to a lack of appropriate investment in tools or execution,” O’Hara said.

“So, we will most likely see organisations that have already been hit, go through second breaches. It takes time to build and increase a security posture, whereas attackers can go after an organisation again relatively quickly.

“Could we see the first bankruptcy happen due to a cyber attack? Time will tell.”

The evolution of phishing

Phishing attacks will continue to iterate as these are low cost with a high return on investment for cybercriminals, especially initial access brokers. However, they will move further away from targeting traditional email communications and evolve more onto social media and instant messaging platforms that are out of scope for most security tools.

“We haven’t hit ‘peak phishing’ yet and are seeing an escalation in target value and impact,” O’Hara said.

“This was predicted years ago, and unfortunately, we are yet to see what it means when a truly high-impact attack happens. I suspect energy, healthcare and financial institutions will be hit in the coming years.”

New starters beware

“Our research suggests that a phishing email impersonating a colleague has the highest chance of success, so impersonation attacks targeting new employees will likely grow as a phenomenon,” O'Hara said.

“As new appointments make a splash on LinkedIn, they will become susceptible to fake welcome emails from “senior executives” or fake company onboarding portals. These will be used for credential harvesting, account takeover or even multistage malware droppers in some cases.

“New starters need to be made aware of these risks as part of their onboarding, to avoid personal and business information falling into the wrong hands.”

A familiar voice?

Just when you thought it was safe to have someone call you to verify that their email is legitimate, threat actors will take social engineering to the next level.

“As AI voice-cloning technology becomes more powerful and readily available, we will see an increase in impersonation attacks that utilise audio deepfakes. These will be used in combination with compromised email and collaboration accounts,” O’Hara said.

Global response to cyber attacks

O’Hara said that as cyber attacks become more visible and the impact to end users better understood, the political responses from countries will increase.

“We have seen some of the fallout from the Medibank data breach with the recalling of Russian diplomats once Russia was attributed to the attack,” he said.

“As the impact of cyber attacks becomes more visible, we’ll also see politicians ride that wave for support and take a harder line on cybersecurity.”

Image credit: iStock.com/Viorika