2022, just like previous years, has not been a quiet year for cybersecurity.
The Conti ransomware gang threatened to overthrow the government of Costa Rica. Another cybercriminal collective, Lapsus$, perfected the social engineering attack vector and targeted Microsoft, Nvidia, Uber, Globant, and several other major tech companies, leaking sensitive data throughout the year.
Advanced Persistent Threat (APT) groups have continued to evolve and adapt, developing bespoke sophisticated tools capable of overcoming many defenses.
Among the many industries targeted, hackers have continued to ramp up attacks on healthcare providers, affecting millions of patients around the world.
The situation culminated when password manager LastPass disclosed further details of an earlier breach and confirmed that hackers had copied customers’ encrypted vaults, while The Guardian, one of Britain’s leading newspapers, had to close its offices due to a ransomware attack.
What are our cybersecurity predictions for 2023?
The Internet of Things (IoT): more vulnerabilities, slow mitigation
Attackers will continue to take advantage of readily available vulnerabilities in the many IoT platforms and devices.
Faulty authentication, unprotected data transfer, cloud misconfiguration, remote code execution, command injection attacks, and privacy issues are some of the most common and persistent IoT issues requiring cooperation between the IoT device industry and the infosec community. Echoing the Black Hat 2022 conference, security researchers won’t tire of reaching out to device makers with vulnerability disclosures and fixes.
As a step in the right direction, major manufacturers of smart home devices have started to adopt the Matter protocol. It embodies best practices in security, and the hope is that the wider IoT community will begin to move in the same direction of interoperability, simplicity, and a common set of security standards.
However, the current slow pace of mitigation is not expected to improve significantly until governments implement regulations such as the IoT Cybersecurity Improvement Act of 2020 in the United States or the European Union's Cyber Resilience Act (which could enter into force in 2025). These introduce mandatory cybersecurity requirements for IoT devices.
Persistence of ransomware, malicious drivers, and bootloaders
Ransomware will continue to plague Microsoft Windows systems in particular. The latest malicious worms are spreading like wildfire, while attackers can leverage Ransomware-as-a-Service (RaaS) kits to easily and cost-effectively create and deploy a host of their own variants.
In 2022, ransomware groups adapted to the changing world, improving extortion techniques and changing the programming language of their code. BlackCat RaaS, for example, developed malware using Rust, considered a more secure programming language than C and C++.
This new year, these gangs are expected to look for new technological solutions, such as new techniques for circumventing entry points or anti-virus software.
In particular, malware written in unconventional (for hackers) programming languages such as Rust, Go or Swift is expected to continue to increase. Not only does this help avoid detection and hinder analysis for security researchers, but it also allows ransomware to target more users across different operating systems.
Another disturbing development is that cybercriminals can now easily make use of powerful UEFI bootkits, such as BlackLotus. Potentially undetectable by some antivirus software, these malicious bootloaders used to be associated with experienced hacker gangs and APT groups, but are now available for sale to everyone.
More malware and more phishing for mobile devices
Attackers will continue to deploy malware that spreads via links received by SMS, such as FluBot. Acting as both spyware and a financial Trojan (it copies itself and spreads through all of the victim’s contacts and steals credit card information stored on the phone), this type of Android Trojan is very difficult to contain and can easily adapt to the current social or political situation. A fraudulent SMS can warn of a failed delivery or invite you to lower your electricity bill or see a friend’s photo.
As Ukraine strives to reclaim some of its territories in 2023, Russian hacktivists are expected to retaliate by continuously targeting Ukrainian and Western organizations with malware. Russian state-backed APT groups are likely to offer their malware as a service to any interested threat actors.
The trend of fake apps associated with spyware and malware, mimicking legitimate apps from the Google Play Store, will not fade away. Using ever-evolving social engineering methods on gullible victims through messaging, social media apps, and even voice calls, cybercriminals will continue to easily install malware intended to gain access remotely or to commit fraud.