The old saying, ‘nothing is certain except death and taxes should be extended to include changes to the cyber security landscape. Cyber security professionals and business leaders can help reduce the threats against their organisations if they know what is happening in that ever-changing landscape.
As cyber threats continue to test even the most battle-hardened company, looking forward to 2023 can all help us get our cyber-ducks in a row.
Here is a look at five trends in cyber security as 2023 unfolds.
Humans Continue to Be a Target in Cyber Security
The human factor in cyber security has been a challenge across all sectors for many years. Human beings are a weak link in a complex chain that leads to data breaches, ransomware infections, and other disasters. Cybercriminals exploit employees; this tactic has seen great strides in scam and cyber attack success because of the fallibility of the human operator.
The Covid-19 pandemic gave cybercriminals a taste for cyber attacks that focus on tactics such as scams and phishing. As proof, analysis by ISACA has found that half of all data breaches are linked to employees’ actions. Targeting an employee is seen as a low-hanging fruit by cybercriminals as this can provide an entry point into the wider corporate network. Once inside the network, cyber attacks, including ransomware infection, Business Email Compromise (BEC), and other malware attacks, can take place.
Cyber security trend: the Verizon Data Breach Investigations Report (DBIR) for 2021 and 2022 show that human error was behind 85% and 82% of data breaches, respectively. The human-factor in a cyber attack will likely remain at this level in 2023.
How to mitigate this cyber security trend: help minimise the human risk in the cyber machine by carrying out regular phishing simulations and Security Awareness Training.
Deepfakes and Extortion
Deepfake technology is used for many legitimate purposes, such as creating game avatars or delivering lessons. However, this same technology is an ideal tool to trick people into believing or doing something that benefits a cybercriminal. The problem is that deepfake videos and audio can be hard to distinguish from the real thing. In a poll by iProov, 43% of respondents said they couldn’t tell the difference between a real video and a deepfake.
Cyber security trend: Deepfakes have already been used in BEC scams. The classic example is the CEO who was scammed out of $243,000 (£210,000) by a voice deepfake (Deepfake Vishing). Another area where deepfakes could become a severe issue is extortion scams.
For example, imagine a deepfake involving a convincing video of a CEO or board member in a compromising position or expressing hate speech. This scenario is highlighted by Europol, who are expecting deepfake technology to be used in attacks on high-level executives, and for evidence tampering, and the production of non-consensual pornography.
How to mitigate this cyber security trend: a mix of technology and human-centric vigilance can help alleviate this growing trend. Employees must be made aware of the impending problem of deepfake extortion. CXOs and the board should be included in security awareness of deepfake scams. Also, add checks and balances for money transfers over a certain amount. AI-based cyber security solutions can help in deepfake prevention too.
Continued Synthetic Identity Fraud
Identity theft is a growing problem across the world. According to a 2022 report by Experian, half of consumers have either been a victim of fraud or know someone who has been affected.
These fraudulent IDs will likely become part of over $48 billion in eCommerce fraud losses predicted in 2023: to create a synthetic identity, fraudsters use a mix of stolen personal and spoof data; increasingly, deep fakes are being used to augment the data. These synthetic identities are then used to create bank accounts, social media accounts, and other seemingly legitimate identity accounts.
Cyber security trend: synthetic identity accounts need data. These data are bought from dark web marketplaces or stolen to order from targeted individuals. A synthetic identity account is used to trick companies into handing out credit or creating new accounts in their system. The result is a loss of consumer trust in businesses and revenue. While synthetic identity is not a new cybercrime, it is lucrative, so it is expected to continue finding new avenues to target attacks.
How to mitigate this cyber security trend: stolen or exposed data is the starting point for synthetic identity fraud. Reduce the risk of data breaches by clamping down on phishing through phishing simulation exercises.
Increase in Cyber Security Scams Because of the Global Recession
According to The World Bank, ‘the world may be edging toward a global recession in 2023 and a string of financial crises in emerging markets and developing economies that would do them lasting harm.‘ History tells us that frauds and scams increase when significant adverse events happen.
For example, during and after the banking crash of the late 2000s, a survey of fraud experts found that 55% of respondents experienced a slight or significant level of fraud. The Covid-19 pandemic saw a similar increase in scams and fraud; a TransUnion report found a 149% increase in fraud attempts in the first quarter of 2021.
Cyber security trend: as the world enters a recession, expect scammers to increase the pressure on your organisation. This pressure will come in the form of increased phishing attacks, BEC scams, ransomware infections, and other financial-related cyber attacks.
How to mitigate this cyber security trend: mitigation of increasing levels of scams requires a multi-layered approach. Build a sound cyber security strategy that encompasses both technological and human-centric cyber security measures.
A Web of Malware
The war of attrition between cybercriminals and organisations has led to evasion tactics that depend on complex malware ecosystems. The attack chain often contains multiple points of attack and increasingly devious methods to steal login credentials.
This increasingly complex ecosystem, used to facilitate a cyber attack, was described in a recent Microsoft blog post on the Raspberry Robin worm: Microsoft suspects that social engineering is used to encourage users to click on a .LNK file or to insert an infected USB key. But this is not the end of the story. Raspberry Robin is, according to Microsoft researchers, part of a massive malware ecosystem, the malware facilitating the installation of further malware, including ransomware.
Microsoft concludes that ‘Cybercriminal malware is an ever-present threat for most organisations today, taking advantage of common weaknesses in security strategies and using social engineering to trick users. Almost every organisation risk encountering these threats.’
Cyber security trend: Raspberry Robin is an example of how cybercriminals and tactics ecosystems create severe challenges in detecting cyber attacks. Expect 2023 to continue this trend for integrated, multi-part cyber attacks that include multiple threats and place humans at the centre of a web of malware.
How to mitigate this cyber security trend: a robust security strategy should respond to this multi-layered cyber attack ecosystem with similar multi-part measures. These measures should include technological measures such as robust authentication, zero trust security, encryption, and intelligent content filtering. However, the human factor will continue to open doorways that cybercriminals exploit, so technological measures must be augmented with human-centric Security Awareness Training.
There is no doubt that cybercriminals will continue to exploit our employees throughout 2023 and beyond. The only way to mitigate complex ecosystems of threats that rely on social engineering, is to provide our staff with the tools to protect themselves and the business.
Security Awareness Training augmented by simulated phishing exercises should be part of a broad approach to security. As 2023 approaches, putting these measures in place is urgent. However, a coordinated effort will provide the protection needed to stop cybercriminals in their tracks.