Cybersecurity Trends and Predictions for 2022-2023

Trends

The Russian war against Ukraine has galvanized supporters far from the battlefield. Cyber warriors for and against both sides have worked to sow disruption using a variety of methods. Ransomware and distributed denial of service (DDoS) attacks continue to cause concern. Zero-day exploits, AI-enabled disinformation, and other attacks, often state-sponsored, have been part of a wider range of threats since Russia invaded Ukraine, according to the European Union Agency for Cybersecurity (ENISA).

While other vectors came into play, there’s no denying the significant increase in DDoS attacks. There was a 203% jump in the first half of 2022 compared to the same period of 2021. The scale of the attacks also increased. For example, Google thwarted the largest ever HTTP-based DDoS attack, just a month after Cloudflare stopped a record-breaking one. Another strike that made global news because of its geopolitical implications was carried out against the Taiwanese government. It happened as Speaker of the House Nancy Pelosi was due to visit, something China said it would take action against. In fact, the US Cybersecurity and Infrastructure Security Agency (CISA) listed threats from state actors in Iran, China, North Korea, and Russia during 2022.

Hacking for a cause isn’t limited to state-actors though. Consider the moves of abortion-rights hacktivists after the US Supreme Court struck down the guaranteed access granted by Roe v. Wade. A group calling itself SiegedSec hacked the state government servers for Arkansas and Kentucky in protest over those states’ bans. The video-game streaming service Twitch and crowdfunding site GiveSendGo were also both targeted by hacktivists on a mission.

Trends

In response to ongoing global threats, cybersecurity regulations will continue to evolve. Following the Executive Order on Improving the Nation’s Cybersecurity issued on May 12, 2021, Congress passed the Strengthening American Cybersecurity Act (SACA) in 2022. SACA gives federal officials a transparent view of infrastructure cyber attacks nationwide. It helps protect these critical assets by requiring operators of electrical grids, water treatment systems, and other vital interests to notify CISA within 72 hours of a data breach and within 24 hours of any ransomware payments.

The executive order also helped pave the way for cybersecurity measures in the Bipartisan Infrastructure Law (BIL). It includes a grant program with $1 billion in funds for state, local, and territorial governments to shore up their cyber defenses. States are stepping forward with their own measures, as well.

Image

41 were adopted as of mid-year. Common themes included setting up formal training practices, incident response plans, and reporting measures. Others support cybersecurity education, securing elections, and funding all these efforts. In addition, data privacy measures were debated in 25 states and Washington, DC. As of June, five states had enacted six laws governing the collection of personal information, consumer data rights, website privacy, and more.

Trends

As technology continued to evolve in 2022, so did cyber attacks. The year saw additional:

• Supply chain attacks

• Targeted ransomware

• Mobile attacks

• AI-supported cybercrime

Most everyone probably has a personal story of supply-chain issues this year. Part of the problem was the global nature of supply chains and attempts to adjust to pandemic-related changes in work habits and buying habits. But the proliferation of third-party vendors and global networks is a siren call for cyber attackers and they responded. Cybercriminals looking to make a splash, and some cash, will continue to look for opportunities to profit from supply chain disruption.

Ransomware has been a problem for years. After the Colonial Pipeline ransomware case caused panic and fuel shortages along the East Coast, and the nearly $5 million ransom was paid, the White House issued an executive order aimed at shoring up the nation’s cybersecurity. Nonetheless, the success of such a high-profile attack just fueled the attraction of ransomware for cyber criminals so more such attacks are expected. Targeting companies and infrastructure assets that have a high likelihood of paying ransoms, like critical infrastructure, will remain attractive for hackers

With the introduction of 5G and the continued proliferation of IoT devices, attack surfaces have increased. And more mobile devices connected to the faster networks just increases the potential speed of any attacks. Mobile devices are notoriously undersecured, giving experienced cyber criminals the advantage. In fact, platforms for these devices have been responsible for about 70% of financial fraud, usually initiated via phishing and malware.

AI has already delivered good results for business, uncovering process inefficiency and speeding up data analysis. But any technology that can be put to productive use can usually also be employed by attackers and this one is. Deepfake videos and photos are a good example of this. They use artificial intelligence to mimic trusted sources and cybercriminals have been taking advantage of.

Trends

Cyber insurance is increasingly considered a business requirement, especially for tech companies or organizations that handle sensitive information. But it’s also becoming increasingly expensive. In the second quarter of 2022, US cyber insurance prices were already 79% higher than the previous year. And the increase in attacks means insurers have to cover their own risks by setting coverage limits and requiring strict cybersecurity measures before they issue a policy. Some insurance carriers have also reduced the coverage they are willing to offer high-risk industries such as critical infrastructure. Regardless, businesses understand the need for cyber insurance and have continued to purchase it. As more companies demand it and insurers restrict it or charge higher rates, fewer organizations may actually be able to find or afford it.

Just as insurers are frequently demanding strict cybersecurity measures as a condition for coverage, organizations are making similar demands. It’s becoming more common for potential partners, acquirers, and others considering third-party business agreements to scrutinize security postures and protocols as part of the vetting process. Companies and others are starting to pay much more attention to the security of their entire digital supply chain.

As organizations became more aware of the need for information security, they appointed chief information security officers (CISOs). Now the trend is swinging back the other direction with the CISO acting more as a risk manager of a decentralized cybersecurity apparatus with decision makers throughout the organization. This gives companies the ability to respond quicker and with greater agility than having all the response power in one person or office.

One other trend is the introduction of cybersecurity mesh architecture (CSMA), a term coined by tech consulting firm Gartner. Today’s workers and business assets may or may not be located in a company office or other central space. CSMA is part of a larger security network that can work hand in hand with zero trust and other measures to secure enterprise assets wherever they are located, in the physical world or the cloud. Companies that use CSMA will reduce the impact of discrete security incidents by 90%, according to Gartner.