Spear phishing to payment vulnerabilities: cybersecurity predictions for 2023
How will the security threat landscape evolve in 2023? To get a realistic assessment of what is likely to happen in cybersecurity in the coming year, Digital diary contacted David Anteliz, senior technical director at Skybox Security.
The expert predicts that in the United States, the federal government’s directives on cybersecurity will lead to an increase in threat actor activity against federal agencies. In particular, the threat of spear phishing will be further complicated by the rise of fake LinkedIn profiles. Spear phishing is a phishing method that targets specific individuals or groups within an organization.
It is also likely that threat actors will exploit new programming languages to become untraceable. As for the primary area of attack, it appears an increasing target will be the retail sector as organizations prepare for the Payment Card Industry Data Security Standard (PCI-DSS 4.0). This standard aims to optimize the security of credit, debit and payment card transactions and to protect cardholders against the misuse of their personal information.
Anteliz looks at the digital storm resulting from US government activities: “Increased cybersecurity guidance from the federal government will lead to increased threat actor activity against federal agencies.”
Of particular interest, says Anteliz, is: “The Cybersecurity and Infrastructure Security Agency (CISA) issued a number of new guidelines this year. More recently, Binding Operational Directive 23-01 requires federal agencies to take the necessary steps to improve their asset visibility and vulnerability detection capabilities over the next six months. In 2023, we will see threat actors ramping up their attacks before new cybersecurity controls are implemented ahead of 2023 deadlines. This increase in attacks will likely take the form of supply chain attacks, as malicious actors will seek to do their best before they get caught.”
Anteliz also notes that: “Threat groups will be discovered as long-time inhabitants of the networks of large organizations, resulting in a major breach in a Fortune 500 company. 2022 has brought many splashy threat group headlines like Lapsus$ successfully attacking big organizations like Uber and Nvidia, and state-sponsored Lazarus exploiting loopholes in Log4j to hack into US energy companies.”
Looking ahead, Anteliz predicts: “In 2023, we predict that a major threat group will be discovered to have lived in a Fortune 500 company’s network for months or even years, siphoning emails and accessing critical data without leaving a trace. Organizations will only find out that their data has been accessed when threat groups threaten to transfer sensitive information to the dark web.”
A second area of concern relates to targeted attacks. Anteliz thinks: “The threat of spear phishing will be further complicated by the rise of fake LinkedIn profiles”.
Anteliz details: “Spear phishing continues to be a successful form of social engineering that plagues organizations today. Spear phishing is sure to be a top attack vector in 2023. We can expect threat actors to put more emphasis on targeting individuals through fake accounts on LinkedIn. LinkedIn is a platform that has traditionally been less frequently associated with malicious behavior and widely trusted by users. Threat actors will seek to take advantage of this sentiment to gain access to critical information.”
Anteliz further predicts: “Threat actors will disguise themselves as professionals seeking to conduct investigations by bringing in experts in various fields, giving them the perfect opportunity to obtain sensitive information from individuals and their organizations”.