5 Cybersecurity Trends to Prepare For in 2023

Last March, Gartner predicted that by 2025, 45% of organisations will have experienced attacks on their software supply chains – a figure three-times increase from 2021. Not only are supply chain attacks on the rise, but the techniques attackers are using and the level at which they are infiltrating systems threaten the enterprise in a way like never before. 

The consequences of these attacks can be severe. Attacks can now exploit third-party cloud services as a way of entry into companies’ most important systems, as seen in recent high-profile attacks on Microsoft, GitHub and Mailchimp. Beyond the damages to organisations and third parties, however, there is also the risk of classified information being exfiltrated, putting national security at stake. 

In such a challenging environment for supply chains, establishing good practices early on and implementing them over time. This will allow companies to improve resilience, whilst also reducing the number of disruptions and the damage they cause.

State-sponsored attacks (SSAs) are carried out by cyber criminals directly linked to a nation-state. The Ukraine-Russia conflict has opened the floodgates to a new wave of these sophisticated attacks, with organisations in both the public and private sectors around the world becoming targets of all sorts of attacks. But it is not just Russia and Ukrainian organisations that find themselves in the crossfire of cyber warfare. 

A recent report released by Microsoft found that the proportion of cyber-attacks perpetrated by nation-states targeting critical infrastructure jumped from 20 per cent to 40 per cent, largely due to Russia’s aggressive espionage targeting Ukraine and its allies, including the US. 

As the geopolitical climate intensifies, the rate of these attacks is set to only accelerate further in 2023 as nation-state actors become increasingly aggressive in cyberspace.

The Covid19 pandemic has given birth to a new, remote enterprise that is able to operate and communicate entirely virtually without the need for a physical workspace. Despite all the advantages that come with remote working, however, the practice has paved the way for cybercriminals to infiltrate cybersecurity defences and attack business infrastructures. 

A remote working environment relies on the use of a public cloud, highly connected supply chains and the use of cyber-physical systems, which, as Gartner reports, “have exposed new and challenging attack surfaces.” Experts warn this could provide new ways for cybercriminals to exploit vulnerabilities in a company’s defence strategy and launch more damaging attacks. 

In 2023, with an expected 25% of professionals choosing to work entirely remotely and the majority of others working partly remotely, experts warn cybercriminals may find new pain spots in cybersecurity defences and create new challenges for business leaders and IT teams alike.

With the global market for AI-based cybersecurity products estimated to reach $133.8 billion by 2030, AI’s role in the future of cybersecurity is more evident than ever. AI is already proving its worth this year, spotting malware, identifying and classifying threats, and in some cases, taking automated action to launch a defensive response to attacks. 

In 2023 and beyond, experts believe AI will move into the few remaining areas of security operations and allow IT teams to better monitor the threat landscape and protect the data infrastructure of their company with accurate detection, faster response times, and fewer staff. They highlight that Machine learning can be applied to classification algorithms that detect malware and spam, anomaly detection algorithms to detect malicious traffic or suspicious activity, and correlation algorithms to connect signals from disparate systems. 

For all of AI’s positive uses, however, there is also concern that AI may also become a powerful weapon for the cyber threat actors of tomorrow. AI-wired ransomware and malware can also hide within a company’s infrastructure and collect data on a company until it has enough valuable information to launch a coordinated attack with a low risk of detection. This is why, in 2023, many companies may opt for new “zero trust” cyber defence models, where traffic and applications are monitored regularly to ensure they do not pose a threat.

Cybercrime-as-a-Service (CaaS) enables cybercriminals, malware developers, and other threat actors to their cybercrime services to potential customers on the dark web. The model has swept the cyber threat landscape in recent months making it possible to both commercialise and scale cybercrime at new and unprecedented levels. 

This year, experts expect to see an observable shift from threat actors becoming more of an enterprise where criminals are able to hire developers and consultants and earn a living from cybercrime. This could lower the barrier of entry for cybercrime as it allows cybercriminals to launch complex and rapid malware campaigns without the need for advanced technical skills. 

According to experts, security teams will need to monitor cybercrime and hacking platforms, especially those hosted on the dark web, in order to identify threats to limit the dangers caused by their attacks. Early detection of these attacks will allow law enforcement agencies to shut down the infrastructure used by threat actors and take down its malicious products and services.