A Review Of The 2022 Cyber-Landscape

The overall economic environment of 2022 saw tech growth stocks get thrashed, Bitcoin shed roughly 2 trillion USD from its peak value in 2021, and major tech companies lay off tens of thousands of employees. And a new corporate battlefront emerged in 2022 - a showdown over work-from-home policies. Workers showed a strong preference to remain at home even as the number of COVID-19 infections dropped while Elon Musk forced workers back into the Tesla office, citing productivity concerns. 

On top of all the economic, health, and geopolitical chaos, 2022 was also another tumultuous year for cybersecurity. Although the 2022 cyber-threat landscape showed muted growth compared to recent exponential year-over-year increases, the number of attacks and costs due to cybercrime remained at an all-time high. While this may indicate that adversaries have reached their maximum offensive capacity, organizations still need to be better prepared to defend and recover. Regardless, the underlying takeaway is that cybersecurity is still a commanding global concern.

The Biggest Cyber Events Of 2022

2022 was also another hectic year for cyber breaches and zero-day vulnerability disclosures. In January 2022, cybercriminals stole $18 million worth of Bitcoin and $15 million worth of Ethereum from crypto giant Crypto.com. In March, the Lap$us hacking group compromised servers and stole 37 GB worth of source code from Cortana, Bing, and other core Microsoft products. Microsoft also suffered another critical zero-day vulnerability dubbed "Follina," a remote code execution exploit in the Microsoft Office suite of products.

On the political front, most of the world watched on as Ukraine citizens militarized off-the-shelf commercial technology to protect their national sovereignty while the hacker community took sides launching cyber counter-campaigns. Throughout 2022, hacktivist group Killnet played a game of cat and mouse, launching nuisance-level DOS attacks against airlines, hospitals, and government services in countries that support Ukrainian. 

Ransomware continued to have a major commercial and operational impact in 2022. The US enacted red-alert legislation mandating prompt reporting of cyber incidents to the Department of Homeland Security (DHS) in response to rampant ransomware attacks and deleterious critical infrastructure breaches. Alarmingly, Costa Rica declared a national emergency in May when Conti ransomware attacks crippled its government infrastructure.  Admittedly, the attacks listed here only scratch the surface of a difficult year for companies of all sizes. 

Our Cybersecurity Predictions for 2023

The global economy's manic and persistent digital transformation suggests that radically innovative technologies will continue to permeate consumers' lives and corporate business strategies in 2023. These bleeding-edge innovations will certainly introduce new vulnerabilities that give attackers the window of opportunity they seek. 

Let's take a look at some top predictions for emerging trends in the 2023 IT security landscape.

1. The Cybercrime Ecosystem Continues To Diversify And Specialize

The threat landscape is brimming with everything from motivated script kiddies and hacktivists to capable state-sponsored black-hat hackers. Together, they synthesize into cybercrime gangs and have been targeting legitimate businesses of all sizes across all industries with ruthless precision. One key to their success has been the Cybercrime As A Service (CaaS) model, in which threat actors hone highly specialized skill sets for a particular phase of the greater cyber-attack process. Cyber campaigns then emerge from this ecosystem of loosely affiliated entities with complementary attack capabilities. 

The tech economy has already proven that combining highly specialized components is a successful model for fast-paced innovation, and the cyber-crime landscape is no exception. The CaaS model allows moderately skilled and even non-technical criminals to wield sophisticated tools and leverage various malicious services that the digital underground offers. In 2023, the major CaaS players will continue to diversify and specialize their malicious service offerings, and new cybercrime groups will emerge, seeking to exploit value wherever it lies unprotected.

2. Cybersecurity Compliance Is A Determining Factor In Budget Cuts

New government regulations and stricter insurance underwriting have increased the cybersecurity burden that many organizations must shoulder. IT security compliance requires fundamental policies for good cyber hygiene, defence-in-depth strategies, creating awareness about the responsibility of staff for operating securely, and developing contingency plans for recovering from a cyber breach. 

In 2023 and beyond, more companies will implement compliance-oriented cybersecurity programs. The preparedness imposed by compliance will make those risk-averse companies more attractive partners than those who chose to ignore the need for evidence-based cybersecurity. Considering the sky-high costs of a data breach combined with the tighter fiscal goals from economic pressures, executive decision-makers will certainly seek the risk assurances offered by compliant partners.

As the roadmap to compliance matures cyber programs, compliance certification also becomes more accessible to small and medium-sized organizations. These organizations should look for a health check that evaluates their security. A cyber maturity assessment is a good first step in becoming compliant and achieving contractual, regulatory, and stakeholder requirements.

3. Apex Threat Actors Start To Leverage AI As A Force Multiplier

Artificial Intelligence (AI) and machine learning (ML) are becoming effective tools for defensive IT security, but AI and ML can also effectively outsmart humans in complex scenarios and will inevitably become more accessible tools for launching sophisticated cyber attacks. Evidence has already emerged of apex threat actors using AI to attain higher success rates for phishing campaigns and to uncover covert ways to beat defences.

AI-driven malware is being used to mimic the behaviour of a human attacker and offers highly scalable means to launch social engineering-based attacks. Predictive AI can increase attack stealth by identifying potential vulnerabilities using less active reconnaissance. 2023 will see hackers adopting more AI-enabled contextual awareness to better assess target environments and operate more covertly. 

However, although AI and ML are improving rapidly, technology is still only as good as the human behind it - no matter what side you're on: offence or defence. To ensure the right defence measures are in place against AI-driven attacks, a pentester can reveal the weak points using AI and ML tools and replicate a real-hacker scenario to offer actional advisories to protect against these threats.

4. Attacks Against Software Supply Chain Will Increase

2022 also saw a significant increase in critical software supply chain vulnerabilities as companies scrambled to respond to multiple zero-day vulnerabilities in enterprise productivity tools, popular browsers, and open-source software and libraries such as Log4J, NodeJS packages, and Python packages. In 2022, a total of 6,977 new malicious packages were submitted to the node package manager (NPM) and 1,493 to Python's PyPi repository.

All companies rely on 3rd party software, and this dependency will continue to be a significant security concern into 2023. Organizations need to actively track which software they rely on and be more discerning in defining what a "trusted source" of software really means. Going forward, it will be more critical than ever to ingest CTI to ensure any applicable emergency mitigations and security patches are applied.

The threat of software supply chain vulnerabilities should also prod all companies to evaluate the cybersecurity posture of their existing and potential partners, driving more awareness, compliance, and disclosure of cybersecurity practices. Mobile app stores and open-source software platforms such as Github, NPM, RubyGems, and PyPI will hopefully do more to provide better security reviews of software offered through their platforms. Organizations can also take action by conducting ICS/OT Cyber Security Assessment and Cloud Penetration Testing to ensure that their control centre is safe from infiltration by a hacker through their software supply chain.

Summary

Precarious times are on the 2023 cybersecurity forecast as rocketing innovation meets a world with a high degree of economic, environmental, and geopolitical uncertainty. Companies of all sizes need to recognize the benefits and risks that reliance on digital infrastructure presents and employ strategies to appropriately protect both their operations and their customers. 

If the economic stressors of 2022 carry over into 2023, those headwinds will come with pressure to reduce costs - and risk. Organizations will be forced to meet higher cybersecurity standards due to new regulatory requirements and companies that present a strong cybersecurity posture through compliance certifications will stand out and win more contracts. 

Cybercrime has paid off well in recent years leaving threat actors in a good position to reinvest in the development of novel attack strategies, surging a fragmented and highly specialized cybercrime ecosystem forward. Forward-thinking organizations will allocate time and resources to ensure their assets are safe. A penetration testing partner can support in creating and implementing a robust security program to help protect against cybercrime.