The advancement of technology doesn’t just provide opportunities for society; it also provides new ways that cybercriminals can attack. Not only does every new technology have vulnerabilities that can be exploited; hackers are, themselves, making use of sophisticated tech to carry out their crimes. Here, we examine some of the top security threats to watch out for in 2023.
AI and ML
Cybercriminals are making increasing use of artificial intelligence and machine learning in order to find vulnerabilities in systems and avoid being caught by security tools. AI and ML are used to speed up and improve the accuracy of brute force attacks and to identify patterns in IT systems that disclose weaknesses in software or security tools. At the same time, hackers are also learning how to compromise AI security systems by infecting them with files that behave similarly to malware, but which are benign. By doing this, the security tool is conned into labelling these files as safe. Once this is done, the system can then be infected with malware without the security tool removing it.
Despite numerous headlines over the years, IoT devices remain a target for hackers due to weak passwords and unsecured networks. Today, these devices are used in almost every field, from the monitoring of healthcare to industrial operations and fleet management. In 2023, cybercriminals will continue to exploit vulnerabilities in IoT to steal data and take control of devices. The latter will be increasingly used for ransom purposes.
The growing use of banking apps and smartphone payments has made mobile hacking far more lucrative for cybercriminals and 2023 could see a significant rise in the number of attacks. Expect to see a growth in the use of mobile malware and attempts to get around biometric authentication. The use of mobile antivirus tools and VPN is strongly advised.
While cloud vendors invest heavily in protecting their infrastructure from intrusion and infection, the biggest security challenge for the growing number of businesses and organisations that use the cloud is from within. Issues such as weak password management, phishing attacks and human error can leave the door wide open for data breaches. With so many companies having adopted cloud technology, 2023 will see it become a focus for cybercriminals.
Today’s vehicles are jam-packed with modern technology. The average petrol-powered car has around 1,000 microprocessors, while electric vehicles can have as many as 3,000. These are used to run the computerised systems we rely on for safety, control, comfort, convenience and connectivity.
From a hacking perspective, it’s the vehicle’s ability to communicate using Wi-Fi, 5G and Bluetooth that makes them vulnerable. Hackers can attempt to take control of cars in the same way that ransomware takes over computers, enabling individuals and businesses to be ransomed to regain the use of their vehicles. Apps that can be used to modify car settings or track usage are also vulnerable to being hacked.
While every business and device user is at risk from ransomware, we are increasingly seeing cybercriminals target specific organisations. In 2022, we have seen targeted attacks on local councils, universities and healthcare providers, as well as on major businesses, many of them service providers. While poor security may be a factor in the choice of target, it seems that these types of organisations are being attacked because the nature of the work they do makes it more likely that they will pay the ransom in order to get their system back online quicker. Expect to see this pattern continue in 2023.
Internationally, there is a lot of political tension at the moment. Aside from the conflict in Ukraine, relations between western countries and states like China, Iran and North Korea continue to be fragile. While diplomacy takes place at the human level, in the cyber world, most countries are seeking new ways to carry out cyberattacks and counter any attacks against them. Unfortunately, some countries are carrying out state-sponsored attacks as acts of intimidation or to test how successful their cyber operations can be. While these are often aimed at taking down government and military systems, there are other targets, particularly those organisations that run national infrastructure (rail, road, healthcare, utilities and communications, etc.) and companies that provide services or equipment to the military.
2023 will see cybercriminals seek to develop new ways to carry out attacks and find new targets. They will make use of the increasingly sophisticated tools at their fingertips to exploit the emerging technologies that are being more widely used.
If you are seeking a highly secure hosting partner, check out our wide range of hosting solutions.