Paralyzed hospitals, closed city halls and ransoms of several million: 2022 accustomed us to cyberattacks in the headlines. Expect to see these same criminals again in 2023, even more daring and ready to find new loopholes, with dollars in their pockets.
What are hackers preparing for us in 2023? We can already be sure that there will be no fewer ransomware attacks, data leaks and identity thefts. These methods work and, of course, they are not going to change dramatically from one year to the next. On the other hand, we can already see some signs in recent intrusion attempts. We can imagine that hackers will look for other flaws in the hundreds of connected objects that surround us in order to steal all of our personal information.
According to data collected by companies, the number of ransomware attacks in 2023 will remain broadly stable or increase, without breaking records. For example, cybersecurity firm Trend Micro detected a total of 3,250,504 ransomware threats in Q4 2021, compared with 4,138,110 in Q3 2022, up 22%.
Russia’s invasion of Ukraine did not lead to the long-awaited cyber apocalypse. On the contrary: Moscow’s attacks were numerous, but without surprises and detected in time. As for criminal hackers, there was an extended pause in their activities, time enough for criminals, often Russian and sometimes Ukrainian, to agree to put aside their differences and carry on with their crimes, keyboards side by side. Groups that have emerged over the past two years will dominate the increasingly organized market by 2023. Here’s what experts expect from them in the new year.
Google Home contained security vulnerabilities. // Source: Unsplash
There are about 14 billion connected objects in the world. Watches, voice assistants and smart cameras are among the most common products in everyday life. A hacker sees them first and foremost as so many vulnerabilities. “Cybercriminals will be especially interested in connected objects. The hybrid organization of work is being emphasized, a professional computer is increasingly being installed at home, in a home network. In this case, all connected products are potential gateways. It can go from one product to the company’s messaging service,” explains Dani Da Silva, Marketing Manager at BitDefender.
The laboratory of this cybersecurity company regularly reveals flaws in various objects. Hacking into a Google account with a stealer, a piece of credential-stealing software, can be disastrous, since it allows passwords for dozens of different accounts to be recovered.
Protecting your cloud is essential. // Source: Numerama
When a thief enters a house, he looks for the safe. The same goes for the hacker. The cloud contains most of a company’s data: once inside, the attacker just has to help himself. “Still in this hybrid work environment, we have combined professional and personal lives. A personal smartphone, for example, is commonly used for professional inquiries. Thanks to this, the hacker quickly attacks the company’s cloud service using phishing messages. Just look at the cyberattack on Uber and all the files that were exposed,” says Benoît Grumenwald, marketing director for ESET France.
“We are seeing more and more applications being used in the professional world. They are limited to simple authentication, where some hackers can already overcome more secure barriers,” says Joel Mollo, managing director of Cybereason in France.
Organization of ransomware
Ransomware is a type of malware. // Source: Melvin Dadure for Numerama
As mentioned above, ransomware groups needed to take stock of their organization. While many expected an explosion of attacks after Russia’s invasion of Ukraine, the tide ended up being fairly steady. We know that some Russian developers were sent to the front, and died there; others probably fled the country. As for those who wanted to take a public position, the source code of their software was freely available on the dark web.
“Now that all criminal hackers have agreed to only go the way of money, we should see a restructuring of the market. Ransomware rental works like any market: the most effective service at the best price will eventually overwhelm the competition, and we can imagine that a handful of groups will monopolize most of the operations by 2023,” said Martin Zugek, Director of Technical Solutions at BitDefender.
Lockbit, Hive, and ALPHV/BlackCat are some of the most popular RaaS – ransomware as a service – offerings of 2022 and should continue to grow in 2023. The death of Conti and the demise of REvil and Lapsus$ left more space for these three groups. As a rule, hackers, previously vetted by the managers, pay a commission on the income associated with the ransom. For example, Lockbit administrators earn about 20% of every amount paid to hackers.
“The RaaS system allowed hackers to specialize faster. Instead of being generic in different methods, they can focus on a specific malware attack pattern that comes with detailed instructions. Several developers are also responsible for updating malware. Everything works like a normal economy: professionals specialize in, for example, Photoshop, and a software publisher improves its product from time to time,” adds Martin Zugek.
Data processing will be useful to hackers. // Source: mohamed_hassan / Pixabay
Voice and face copying technologies are not used only in Hollywood: hackers, of course, have realized the full criminal potential of these tools. Deepfakes, as well as vishing – phone phishing – are already methods used by hackers: in several cases, criminals have used voice cloning to impersonate bosses in order to urgently request the transfer of millions of dollars or euros.
Worse still, AI models are now freely available – such as the famous ChatGPT – and can help criminals write phishing messages in any language. “This is just the tip of the iceberg. This tool may already be generating malware code. AI will also allow you to automate operations, work in the system and learn. On the security side, we use artificial intelligence to detect threats, but we anticipate when attackers will use it to improve them,” warns Benoît Grumenwald, director of marketing for ESET France.
Tesla already gets hacked every year in hacker competitions. // Source: Malta Helmhold / Unsplash
We announce this every year, and we do so again for 2023. Car hacking could be classified under “connected objects”, but such an attack can take on even more serious proportions, affecting the lives of victims. Car hacking is nothing new: ethical hackers have been taking control of vehicles for years during competitions or test phases. The more digital options on board, the more entry points for a hacker.
“This raises a lot of questions about the future of connected cars. Usage and functionality are at the heart of the debate, but we rarely talk about protecting them, and the consequences can be disastrous. Imagine the damage if the entire fleet is attacked tomorrow,” warns Joel Mollo, managing director of Cybereason France. At the moment, the most likely scenario is cyber espionage through vehicle tracking. It is hard to believe that intelligence services have not yet undertaken such a maneuver. And one can already imagine that criminals will also find it useful to immobilize a car in the middle of the road.