Cyberattacks against hospitals, small and mid-sized businesses, and even nation-states; a sharp rise in ransomware; the risk of cyber warfare; information manipulation. In 2023, attackers are expected to step up their campaigns. Here are the cybersecurity trends to watch and the points of vigilance to keep an eye on in 2023.
Economic slowdown, global inflation, war in Ukraine, the aftermath of the Covid crisis in China... The turbulent international context of 2022 has already had an impact on a large share of users, companies, and governments. Hackers exploit these emotional and geopolitical vulnerabilities to launch cyberattacks across the globe. We are already seeing an increase in the number of hacking incidents and IT security threats facing companies and organizations in 2022. In November 2022, the European Parliament was hit by a DDoS attack, a malicious denial-of-service operation claimed by the hacker group Killnet. The Parliament's operations were not affected, but its website was knocked offline, overwhelmed by an unusual but artificial flood of traffic. The cyberattack came in response to a Parliament declaration against Russia, which it described as a "state sponsor of terrorism".
Nation-states themselves are no longer safe from cyberattacks either. Between the war in Europe pitting Ukraine against Russia and the rising tensions in Asia between China, Hong Kong, and Taiwan, many forecasts point to an increase in cyberattacks against countries that confront China and Russia in these conflicts. In addition to Ukraine, Hong Kong, and Taiwan, allied countries such as Japan, South Korea, and even France also risk facing more attacks from hackers.
For several years now, hundreds of thousands of attacks have been traced back to foreign states such as North Korea, and this practice is only set to grow in the year ahead.
Given that more than 70 countries will hold elections in 2023, it is entirely foreseeable that we will see numerous cyberattacks aiming to weaken certain governments or election campaigns.
Rise of ransomware
Among the cyberattacks that have grown the most recently, ransomware regularly made headlines in 2022. With this type of cybercrime, a malicious program is introduced onto a device or network. The company's data is then "held hostage," with files encrypted by the cybercriminals. The victim must then pay a ransom to the attackers in order to decrypt and recover the digital data. Today, ransomware has become highly lucrative and increasingly sophisticated, with the development of SaaS (Software as a Service) tools dedicated to this type of cyberattack. People now even speak of Ransomware-as-a-Service. For roughly 50 dollars per month, a hacker can get everything needed to run their ransomware campaigns.
The risk is no longer limited to returning data to the owning company in exchange for money; it is also possible to resell the data to third parties or to leak compromising information in order to damage the reputation of victim companies and organizations.
While the practice once mainly targeted large companies and big organizations, ransomware now also strikes smaller structures such as SMBs. The healthcare sector has been particularly hard hit in France, with cyberattacks targeting hospitals (victims include the hospital of Oloron-Sainte-Marie, the hospital of Dax, and more recently the hospital of Versailles).
In parallel, we can therefore expect an uptick in activity for cyber insurance, a useful safeguard against this type of malicious cyber activity.
Deepfake: surge in fraud and phishing
Deepfake technology makes it possible to create a fake photo or video using artificial intelligence. The goal is to spread doctored images on the internet to manipulate the information being conveyed. With deepfakes, it is possible to make public figures appear to say things or be in situations that are entirely fabricated. Early deepfakes were easy to spot, but AI technologies are evolving constantly and now make it possible to produce fakes that are far harder to identify.
Deepfakes can therefore become a tool of choice for cybercriminals and be used for CEO fraud, for example. Deepfakes could cause even more serious damage, such as identity theft, falsification of information, or fraudulent use of personal data.
Last year, even Elon Musk, the famous head of Tesla and SpaceX, was the victim of a deepfake used to divert and steal cryptocurrencies.
Cyberattacks linked to remote work
Since the Covid-19 health crisis, working from home has become widespread and democratized. On top of this, the trend of BYOD (Bring Your Own Device) is growing, with employees using their personal devices rather than those provided by the company. Whereas it used to be easier for IT departments and CIOs to secure the networks and devices used by employees, the multiplicity of connected devices is increasing the risk of attacks.
In 2023, employees will use an even greater variety of devices, particularly personal devices, to perform their work tasks. The number of potential entry points and exploitable vulnerabilities for hackers will rise accordingly.
In some companies where every employee works remotely, teams know each other less well. Attackers therefore have a better chance of fooling employees with fraudulent messaging attacks, for instance by impersonating a coworker or a member of the company's leadership team.
Rise of 5G and the proliferation of connected devices
As always, the development of new technologies comes with a growing risk of attacks, as cybercriminals exploit the flaws in these new tools. The deployment of 5G networks and the related infrastructure will multiply the potential entry points for attackers.
Recent years have seen the explosion of connected devices, ranging from watches to in-car embedded systems and home automation services. All these devices represent potential entry points for attackers because they are all connected to the internet. Since most of these devices do not hold sensitive data, their protection and security have very often been neglected. Yet they are still linked to online networks, and through the cloud they can facilitate access to personal data. They have therefore become prime targets for cybercriminals.
2023 will therefore not bring a decrease in cyberattacks worldwide. On the contrary, the rapid development of new technologies (such as artificial intelligence and 5G) and the multiplicity of connected systems will increase the number of potential entry points and exploitable vulnerabilities for attackers and cybercriminals. International tensions and the anxiety-inducing economic context are also working against cybersecurity.
In order to reduce digital and IT threats, cybersecurity must become a central topic for companies and organizations. Large groups are no longer the only victims of these malicious acts: attacks are multiplying against SMBs, which have become a prime target for cybercriminals, as well as against governments themselves. It is therefore essential that CIOs and other IT departments become aware of these security threats and equip themselves with appropriate solutions (software, insurance). Staff must be trained internally, or failing that, organizations should call on a specialized cybersecurity company to assess their vulnerabilities and take charge of remediation to ensure their protection.
Here is a recap of the 5 pillars of corporate security:
Deploy a firewall
Back up data
Secure email services with an email filtering solution
Apply updates
Train employees