Our world is more digitally dependent than ever before, and IT environments are only getting more complex. This has enabled some incredible new capabilities — and higher productivity — but it also means that the potential for cyberthreat-related disasters is severe. Even small flaws in resilience can have a major impact on any organization.
At Acronis, we see 10 trends that are likely to shape the cybersecurity landscape this year:
1: Attackers will take aim at authentication systems
Multi-factor authentication (MFA) and Identity & Access Management (IAM) systems are in the crosshairs. Cybercriminals have begun using a variety of tactics to steal (or simply bypass) MFA tokens, including overwhelming their targets with automated MFA requests in the hopes that a user will eventually confirm one by accident. It’s more important than ever to ensure that your MFA protocols are configured properly — and that only the minimum required access rights are granted to employees, to limit the potential damage of a breach.
2: Ransomware will be even more prevalent — and dangerous
Already one of the most infamous forms of malware, ransomware continues to grow in scale and evolve. Attackers are expanding their scope to hit macOS and Linux in addition to the many Windows-based threats, and are leveraging new tools — especially AI, which is more accessible to the public than ever before. Cybercriminals are no longer satisfied with simply encrypting data and asking for money: today’s ransomware attempts to disable security tools, delete backups and exfiltrate data (threatening its public release if payment is not made). Such attacks remain highly profitable, so don’t expect them to slow down.
3: Data breaches will hit the masses
Info-stealing malware, like Raccoon and RedLine, are becoming the norm for infections. Cybercriminals sell stolen data (often containing user credentials) via Dark Web brokers to facilitate future attacks. The growing amount of data, combined with the complexity of interconnected cloud services, is already making it more difficult to track and protect this information.
4: Phishing will expand beyond email
Malicious emails are one of the most prominent cyberthreats, and they continue to be sent by the millions. Attackers are actively using automation and personalizing these messages with previously-leaked data. Expect these kinds of attacks to increasingly spread to other messaging services — SMS/texting, Slack, Microsoft Teams, etc. — in an attempt to evade email filtering and detection systems.
5: Criminals will continue hitting crypto exchanges and smart contracts
There’s no end in sight to the attacks on cryptocurrency exchanges and smart contracts. With hundreds of millions of dollars in digital currency at stake, even nation-state attackers have gotten involved. These threats range from classic phishing scams and malware aimed at everyday users, to sophisticated attacks against algorithmic coins and smart contracts themselves.
6: Service providers’ infrastructure will be a prime target
As robust businesses themselves (and with plenty of clients downstream), it’s no surprise that service providers are under siege. One popular tactic is what’s called “living-off-the-land (LotL) attacks.” After breaching your systems, cybercriminals abuse legitimate PSA, RMM and other deployment tools already present there to perform malicious actions. Such attacks can be difficult to detect and to analyze after the fact. They also pose a severe risk to your clients and any other associated organizations, including consultants and first-level support teams.
7: Browser-based attacks will increase
Expect more attacks in, or through, the browser. Malicious extensions (or trusted ones that have had backdoors stealthily added via GitHub repos) can do things like skim passwords or swap out the target addresses of cryptocurrency transactions. On the other end, websites will continue to track users and overshare session IDs across HTTP referrers. As serverless computing grows, analysis of such attacks will become more complicated.
8: Exposed APIs will facilitate large-scale automated attacks
We’ve already seen a tremendous shirt of data, processes and infrastructure to the cloud — a trend that is only continuing. As automation between services links more endpoints and IoT devices, more and more APIs are becoming accessible via the internet. This will increase the potential for cyberattacks on a massive scale.
9: Business process attacks will take advantage of human trust
Cybercriminals are constantly coming up with new ways to modify normal business processes for their own benefit (i.e. profit). Small changes can result in massive harm, especially if it takes a while for the change to be detected — imagine an attacker swapping out the receiving account details in your organization’s billing templates, or adding their own cloud bucket as a backup destination for your email server. Such attacks don’t even always use malware, but require close analysis of user behavior.
10: AI will be omnipresent
Advances in artificial intelligence and machine learning are accelerating threat development, and making it trivially easy for cybercriminals to tailor their attacks to specific targets — at scale. But an even more worrisome trend may be attacks against the AI and ML models themselves. Threat actors can leverage weaknesses in the models, implant biases into data sets or simply use triggers to flood IT teams with alerts.
Stay safe in 2023 with the world’s #1 cyber protection platform
Acronis Cyber Protect Cloud unites backup, next-generation cybersecurity and endpoint protection management in one solution. Integration and automation provide unmatched ease for service providers — reducing complexity while increasing productivity and decreasing costs.
The Advanced Security pack extends that protection with full-stack anti-malware protection and remediation services, further lowering risks for your clients — and for your own business. It’s just one of many add-on services that integrate neatly with the platform and enable new, easily supported revenue streams.
Start your free 15-day trial today. And for more cybersecurity insights — and actionable advice you can implement today — read our latest Acronis Cyber Protection Operation Center Report, available as a free resource for any organization.
About Acronis
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.