Cybersecurity is like chess. Your opponent looks at your vulnerabilities and possible moves, and you do the same. The better you can predict your opponent’s next move, the better you will be at the game. Use all information available to you, including these predictions from industry thought leaders, to determine likely cyberattack targets in the coming months, assess your risks, and plan your defense.
MFA Attacks
You have implemented multifactor authentication (MFA) to prevent unauthorized access to your network and applications. However, it’s given hackers a new cyberattack target. Eric Avigdor, senior director of product management at JumpCloud, says, “MFA fatigue attacks and organizations trying to figure out how best to respond to them will be a huge trend in 2023.”
Alexander Falatovich, senior cyber security threat analyst at Identity Digital, explains that these attacks, such as prompt bombing where an attacker keeps pushing second-factor requests, try to trick the user into approving one so it will stop – and give the attacker access to the account. “In reaction, developers likely will move towards more resilient forms of additional authentication, e.g., hardware tokens.”
Avigdor adds, “I also think organizations will evaluate MFA factors and see how they can leverage biometrics as a factor, specifically fingerprint readers and face recognition that are built-in to nearly every new device.”
Romain Basset, Director of Customer Services at Vade, predicts phishing will play a role in MFA attacks. “We’ll see more phishing campaigns that are able to circumvent MFA by acting as a proxy with the real authentication system, or by tricking users who have MFA fatigue.” Basset cites the recent Uber hack as an example of how damaging MFA fatigue can be for even the largest businesses. All it takes is one click on an “approve request” button to put an entire company’s data at risk.
Attacks on APIs
Falatovich also anticipates APIs will also increasingly become cyberattack targets. “As API use increases, so will attacks focusing on insecure APIs.”
CD Networks’ State of Web Security report states that attacks on API services in 2022 increased by 168.8 percent over 2021. The report concludes that a zero-trust model can help fortify cloud, hybrid, and remote work systems that rely on APIs.
Attacks on Low-Code/No-Code Apps
Daniel Riedel, SVP, business transformation, at Copado, predicts, “Geo-Political pressures and a more sophisticated attacker will continue to find new ways of attacking systems, we will start to see some significant breaches around low-code/no-code applications built by citizen developers not using DevSecOps,”
He explains that organizations that adopt those methodologies and tools need to test for common errors to increase the chances they’ll become cyber attack targets.
Wiperware Attacks Increase
Jon France, CISO at (ISC)2, predicts an increase in wiperware. “Although wiperware, ransomware’s close cousin, has been around for nearly a decade now, we saw a drastic increase in the number of wiperware attacks in 2022.”
France explains that the motivation behind wiperware is almost always to sabotage victims, especially during times of war, as we see with Russia and Ukraine. He says, “Seven different types of wiperware have been used to attack Ukrainian organizations in attempts to weaken their abilities to conquer Russia. We can anticipate a rise in nation-state-motivated wiperware attacks in 2023 as the Russia-Ukraine conflict continues, and we can expect to see other nations utilize these attacks in future conflicts now that they’ve become more prevalent on the global scene.”
“Additionally, with the rise in wiperware, there’s likely to be a rise in phishing attacks, given that it’s the most common vector for distributing ransomware and wiperware,” France adds.
Ransomware Attacks Continue
The Vade Cyber Threat Experts (CTE) team looks for ransomware attacks also to continue to get more sophisticated in terms of evading detection, adapting, and exploiting new vulnerabilities.
The CTE team sees two factors driving ransomware attacks, Ransomware as a Service, which allows less skilled hackers to carry out attacks, and double extortion, which gives hackers more leverage over their victims.
Supply Chain Attacks and Hijacking
Michael Posey, Pre-Sales Engineer at Vade, explains, “We will see hackers adjust their strategy, including impersonating suppliers or customers. I expect more supply-chain attacks and hijacking,” he says.
Posey predicts hackers will disguise themselves as a supplier or customer of the company to gain access to company networks and wreak havoc to the connected supply chains. Additionally, Posey believes hijacking attacks, where hackers use compromised accounts to join existing email communications or create new ones, will increase and enable bad actors to launch more targeted attacks than have previously been popular.
The Metaverse Creates New Attack Vectors
The metaverse is inspiring imagination and innovation – including among hackers and attack groups looking for new cyberattack targets. Larry Chinski, VP of global IAM strategy at One Identity, says, “As the metaverse gains traction, and new usage and access points evolve alongside it, the identity landscape will grow exponentially – opening up new gateways and threat vectors to potential cybercriminals. Already, 95 percent of businesses report challenges managing the number of identities that currently fall under their organization’s umbrella, which includes humans, devices, digital identities and the multiple locations where the identities reside.”
He predicts, “So, as adoption of the metaverse increases, and users are encouraged to engage with and embrace the metaverse in new ways – through both digital and physical channels – it’s important for business leaders to keep in mind how preventative identity security and proactive identity management can be in mitigating longer-term cybersecurity risks.”
