How will the security threat landscape shift in 2023? To obtain a realistic assessment of what is likely to come for cybersecurity in the year ahead, Digital Journal contacted David Anteliz, Senior Technical Director at Skybox Security.
The expert predicts that, within the U.S., cybersecurity directives from the federal government will lead to a rise in threat actor activity against federal agencies. In particular, the threat of spear phishing will be further complicated by the rise of fake LinkedIn profiles. Spear phishing is a phishing method that targets specific individuals or groups within an organization.
It is also likely that threat actors will leverage novel programming languages to become untraceable. As to the main area of attack, it appears that a growing target will be the retail industry as organizations gear up for the Payment Card Industry Data Security Standard (PCI DSS 4.0). This standard is intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
Anteliz looks at the digital storm stemming from the U.S. government’s activities: “The increase in cybersecurity directives from the federal government will lead to a rise in threat actor activity against federal agencies.”
Of particular interest, says Anteliz, is: “The Cybersecurity and Infrastructure Security Agency (CISA) has issued a number of new guidance this year. Most recently, Binding Operational Directive 23-01 mandates federal agencies to take necessary steps to improve their asset visibility and vulnerability detection capabilities in the next six months. In 2023, we will see threat actors ramp up their attacks on before new cybersecurity controls are implemented ahead of 2023 deadlines. This increase in attacks will likely come in the form of supply chain attacks as malicious actors seek to do their worst before they get caught.”
Anteliz also notes that: “Threat groups will be uncovered as long-time dwellers in large organization networks, resulting in a major breach at a Fortune 500 company. 2022 brought many splashy headlines from threat groups like Lapsus$ successfully attacking major organizations like Uber and Nvidia, and state-sponsored Lazarus exploiting Log4j flaws to hack US energy companies.”
Looking ahead, Anteliz predicts: “In 2023, we predict a major threat group will be discovered to have been dwelling in the network of a Fortune 500 company for months, if not years, siphoning emails and accessing critical data without a trace. The organizations will only discover their data has been accessed when threat groups threaten to take sensitive information to the dark web.”
A second area of concern is targeted attacks. Anteliz thinks: “The threat of spear phishing will be further complicated by the rise of fake LinkedIn profiles.”
Anteliz fills in the details: “Spear phishing continues to be a successful form of social engineering plaguing organizations today. Spear phishing is sure to be a prominent attack vector in 2023. We can expect threat actors to place an increased focus on targeting individuals via fake accounts on LinkedIn. LinkedIn is a platform that has traditionally been less frequently associated with malicious behavior and widely trusted by users. Threat actors will seek to take advantage of this sentiment to access critical information.”
Anteliz further predicts: “Threat actors will disguise themselves as professionals looking to conduct surveys leveraging experts in various fields, giving them the perfect opportunity to obtain sensitive information from individuals and their organizations.”