Connect with us

Hi, what are you looking for?

Business

2023 cybersecurity predictions: Business-critical applications increasingly at risk

We saw North Korean nation-state threat actors exploiting Log4shell to hack energy providers and conduct espionage campaigns.

Cuba has published its first cybersecurity law, a move critics have dismissed as a tool to limit political and civic freedoms - © AFP/File STEPHANE BENTURA
Cuba has published its first cybersecurity law, a move critics have dismissed as a tool to limit political and civic freedoms - © AFP/File STEPHANE BENTURA

Which direction will information technology take during the course of 2023? For example, during a time of economic downturn will organizations go back to security basics? Coming up with some predictions for Digital Journal is Sadik Al-Abdulla, CPO of Onapsis.

The commentator focuses on upcoming cybersecurity trends. Their predictions include the likelihood that attackers will seek out the next Log4j vulnerability and will likely become successful. Moreover, the exploitation of known vulnerabilities will become a leading attack vector. It also stands that threat actors will shift away from ransomware and opt for more discreet methods to monetise.

According to Sadik Al-Abdulla issues around the Log4j vulnerability are key. As he explains: “Attackers will seek out the next Log4j vulnerability and will likely become successful

The impact of the Log4j flaw has been widespread and far-reaching, with countless organizations still reeling from its massive ripple effect.”

Expanding on the problem, Al-Abdulla  says: “Log4j has underscored the level of difficulty in patching vulnerabilities within commonly used libraries, as almost every vendor within the software supply chain has been responsible for fixing it. Attackers have become well aware of this and have continued taking advantage of unpatched Log4j vulnerabilities.”

As an example, Al-Abdulla says: “Just a few weeks ago, we saw North Korean nation-state threat actors exploiting Log4shell to hack energy providers and conduct espionage campaigns.”

As to what the trajectory over the next year will be Al-Abdulla predicts “In 2023, we’ll not only continue to see the breadth of Log4j’s exposure increase, but we’ll also see threat actors focusing more on exploiting open-source libraries. To mitigate the impact of a vulnerability as critical as Log4shell, organizations must adopt a risk-based vulnerability management program that can help them prioritize patching the vulnerabilities that are most at-risk.”

There are also some limited options for firms given the financial situation. This may mean that “During a time of economic downturn, organizations will go back to security basics. Given the current period of economic uncertainty, organizations will continue cutting their budgets and putting their dollars into resources that are most critical to their business.”

There will be some level of investment, albeit of a more targeted nature. Here Al-Abdulla  states: “While strengthening their cybersecurity programs will be a priority in the coming year, organizations will begin rethinking the types of tools they are investing in. In 2023, we’ll see organizations lean more toward fundamental security technologies to protect their business assets.”

Drawing on an example, Al-Abdulla offers: “For instance, business-critical application security tools, such as vulnerability management platforms specifically designed for enterprise resource planning (ERP) applications, will help defend valuable data that enables an organization to successfully operate.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

A mind-boggling number of shining galaxies, a purple and orange star nursery and a spiral galaxy similar to our Milky Way: new images were...

Business

The US Department of Justice filed a major antitrust lawsuit Thursday seeking to break up an alleged monopoly in the live music industry.

Sports

For those seeking to snap up a ticket, it is important to know how to spot fake tickets, verify sellers, and safeguard the purchase.

Entertainment

Iranian director Mohammad Rasoulof arrived at the Cannes Film Festival Thursday after his dramatic escape from his homeland.