By Vishak Raman, Vice President of Sales, India, SAARC and Southeast Asia at Fortinet
While “less is more” being the strategy of CISOs behind consolidating networks and security, "more is more" seems to be the mantra cybercriminals continue to live by. As we look at our threat predictions for 2023 and beyond, there is “more” at every turn. Cybercrime will converge with advanced persistent threat methods and cybercriminals are finding ways to weaponize new technologies at scale to enable more disruption and destruction. The most troubling trend we’ve observed across the cyber landscape this year that we anticipate will continue into the future—is that threats of all kinds are becoming increasingly ubiquitous. From Ransomware-as-a-Service (RaaS) to new attacks on non-traditional targets like edge devices and virtual cities, the growing volume and variety of increasingly sophisticated cyberthreats will surely keep security teams on their toes in 2023 and beyond.
New Threat Trends in 2023 and Beyond
It’s not surprising that cyber adversaries will continue to rely on tried-and-true attack tactics, particularly those that are easy to execute and help them achieve a quick payday. However, FortiGuard Labs predicts that several distinct new attack trends will emerge in 2023. Here’s a glimpse of several attack developments we’ll be watching for in the next year:
The Explosive Growth of CaaS: Given cybercriminals' success with RaaS, we predict that a growing number of additional attack vectors will be made available as a service through the dark web. In addition to the sale of ransomware and other Malware-as-a-Service offerings, we'll also start to see new a-la-carte criminal solutions.
Money Laundering Meets Machine Learning: We also expect that money laundering will get a boost from automation. Setting up money mule recruitment campaigns has historically been a time-consuming process. We anticipate that cybercriminals will start using machine learning (ML) for recruitment targeting, helping them to identify potential mules better while reducing the time it takes to find these recruits. Over the longer term, we expect that Money Laundering-as-a-Service (LaaS) is also on the horizon, which could quickly become part of the growing CaaS portfolio.
Deep Web Destinations Welcome a Wave Cybercrime: And while newer online destinations like virtual cities that take advantage of augmented reality (AR), virtual reality (VR), and mixed reality (MR) technologies open a world of possibilities for users, they also open the door to an unprecedented increase in cybercrime. From virtual goods and assets that can easily be stolen to potential biometric hacking, we expect this attack surface will result in a new wave of cybercrime.
Wipers Become Rampant: We’ve already witnessed the alarming growth in the prevalence of wiper malware, but we don’t expect attackers to stop there. Beyond the existing reality of threat actors combining a computer worm with wiper malware, and even ransomware for maximum impact, the concern going forward is the commoditization of wiper malware for cybercriminals. Malware that may have been developed and deployed by nation-state actors could be picked up and re-used by criminal groups and used throughout the CaaS model. Given its broader availability combined with the right exploit, wiper malware could cause massive destruction in a short period of time given the organized nature of cybercrime today.
Protecting Your Organization Against the Evolving Threat Landscape
While keeping up with the volume and velocity of threats can often feel like an uphill battle, the good news is that most of the tactics they’re using to execute these attacks are familiar, which better positions security teams to protect against them.
Understanding the lifecycle of an attack can go a long way in helping you protect your networks—the MITRE ATT&CK framework is an excellent resource. Implementing network segmentation is also critical in protecting your organization against cybercriminals. Segmentation improves security by preventing attacks from spreading across a network and infiltrating unprotected devices. In the event of an attack, segmentation also ensures that malware can’t spread into your other systems.
Yet the most important action you can take to enhance your organization’s security posture is to adopt a broad, integrated, and automated cybersecurity mesh platform. Cybersecurity defenses have traditionally been deployed one solution at a time, usually in response to an emerging challenge. But a collection of point solutions simply doesn’t work in today’s growing threat landscape. Consolidation and integration into a single cybersecurity platform is crucial, especially considering the increasing ubiquity of all types of threats today, no matter the industry or the size of an organization.
Using an inline sandbox service is a good starting point to protect against sophisticated ransomware and wiper malware threats. It allows real-time protection against evolving attacks because it can ensure only benign files will be delivered to endpoints if integrated with a cybersecurity platform.
Implement Network Segmentation and Micro segmentation
Network segmentation offers many benefits for businesses. Segmentation improves security by preventing attacks from spreading across a network and infiltrating unprotected devices. In the event of an attack, segmentation also ensures that malware can’t spread into other enterprise systems. Micro segmentation is a network security technique that enables security architects to further segment an environment for lateral visibility of all assets in the same broadcast domain. Granularity is achieved by logically dividing the network environment into distinct security segments down to the individual workload level. Because policies are applied to individual workloads, micro segmentation offers enhanced resistance to attacks. And if a breach does occur, it limits a hacker’s ability to move among compromised applications
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.