Alexander Falatovich

Top 5 Cybersecurity Trends to Watch Out for in 2023

Top 5 Cybersecurity Trends to Watch Out for in 2023

Staying Vigilant in Today’s Digital World

By Alexander Falatovich, Senior Cyber Security Threat Analyst, Identity Digital

In today’s digital world, cybersecurity is more important than ever. With the rise of new technologies and increased internet use, cybercriminals have more opportunities to exploit vulnerabilities and steal sensitive data. As we move into 2023, we can expect a continuation of existing cybersecurity threats and the emergence of new threats that use the latest technologies. Here are five cybersecurity trends that we are likely to see in 2023.

Use of generative AI tools.

The use of generative AI tools, such as ChatGPT, is on the rise. These tools make it easier for cybercriminals to create malware and phishing lures, even with limited technical skills. As a result, we can expect more sophisticated attacks that are harder to detect. It’s important to note that while generative AI tools can be used for both legitimate and malicious purposes, the key is to be aware of the potential risks and take the necessary precautions to mitigate them.

To combat this threat, companies need to focus on security awareness training for employees, coupled with protection at the edges of their network to reduce inbound attacks and block outbound traffic related to successful infiltration.

Smishing attacks.

Smishing attacks have become increasingly common in recent years, with cybercriminals taking advantage of the prevalence of mobile devices and the increasing use of text messaging for business communications. These attacks are similar to traditional phishing attacks, but instead of being delivered via email, they are sent as text messages to the victim’s mobile device. Smishing attacks trick the victim into divulging sensitive information or clicking on a malicious link.

In 2022, smishing attacks saw a significant rise, which is expected to continue in 2023. With more people working remotely and using personal devices for work purposes, cybercriminals are taking advantage of the increased attack surface to target employees and gain access to sensitive information.

To reduce the risk of smishing attacks, companies should implement strong authentication protocols, such as multi-factor authentication (MFA), to ensure that employees are who they say they are when accessing sensitive information. Additionally, companies should educate employees on the importance of staying vigilant and cautious when receiving text messages from unknown sources.

It’s also important to keep mobile device software updated and install security software on these devices to help detect and prevent smishing attacks. By taking these steps, companies can reduce the risk of smishing attacks and protect themselves and their employees from cyber threats.

Expansion of Multi-Factor Authentication attacks.

In 2023, we expect to see an increase in multi-factor authentication or “MFA attacks, particularly in push spam and man-in-the-middle attacks. In push spam attacks, the attacker sends many push notifications, overwhelming the user and tricking them into approving these, which then gives the attacker access to the user’s account. In man-in-the-middle attacks, the attacker intercepts the user and server communication and obtains the user’s authentication information.

To combat these attacks, developers will likely move towards more resilient forms of additional authentication, such as hardware tokens. Hardware tokens generate a unique, one-time password that must be entered along with a user’s regular login credentials. This provides an additional layer of security, as the password changes every time the user logs in, making it harder for attackers to access the user’s account.

Additionally, companies should educate their employees on the importance of not approving push notifications or entering authentication information in unsolicited pop-ups. They should also implement proper security measures to prevent man-in-the-middle attacks, such as encrypting communication channels and monitoring suspicious activity.

Increased package impersonation attacks.

Supply chain attacks have become an increasingly prevalent method cybercriminals employ to compromise systems and gain access to sensitive data. In 2023, we expect an increase in package impersonation attacks via public repositories. These attacks involve cybercriminals creating fake packages that mimic legitimate ones in public repositories such as NPM, RubyGems, and PyPI. When developers unknowingly download these fake packages, they inadvertently install malware or other malicious code onto their systems.

These attacks can have serious consequences, allowing cybercriminals access to sensitive data and compromise systems. To reduce the risk of these attacks, companies must expand verification and software composition analysis to identify threats.

Verification involves ensuring the downloaded package is genuine, not fake or malicious. Companies should implement verification procedures that check the package’s cryptographic signatures and authenticate their sources. They should also verify the package’s integrity and dependencies to ensure they have not been tampered with.

Software composition analysis involves examining the package’s components and dependencies to identify any vulnerabilities or security issues. Companies should conduct a thorough analysis of software composition to detect suspicious or malicious code within their packages.

Increased attacks focusing on APIs

APIs (Application Programming Interfaces) have become essential in modern software development, allowing applications to interact with each other and share data. However, this increased reliance on APIs has also led to attacks focusing on insecure APIs. Cybercriminals can exploit vulnerabilities in APIs to steal data, compromise systems, or launch attacks on other applications or networks.

In 2023, we expect more sophisticated attacks that target APIs. These attacks may exploit vulnerabilities such as SQL injection, cross-site scripting (XSS), or other injection-based attacks that someone can use to access sensitive data or compromise systems. Cybercriminals may also use social engineering tactics to trick users into divulging sensitive information or accessing malicious APIs.

To combat this threat, companies should implement strong authentication protocols, such as OAuth, to control access to their APIs. They should also regularly review their access control lists to ensure that only authorized users can access their APIs. Proper encryption of API data, such as using Transport Layer Security (TLS) or Secure Sockets Layer (SSL), can also help to protect sensitive data in transit.

In addition, Companies should perform regular vulnerability assessments and penetration testing to identify and address any vulnerabilities in their APIs. This testing should include both manual and automated testing to cover all possible attack vectors. Furthermore, companies should conduct security awareness training and educate employees on identifying and reporting suspicious API activity.

In conclusion, the rise of new technologies and increased internet use have led to a higher risk of cybersecurity threats. In 2023, we can expect the continuation of existing cybersecurity threats and the emergence of new ones that exploit the latest technologies. The use of generative AI tools, Smishing attacks, MFA attacks, package impersonation attacks, and API attacks are among the top trends we should watch out for in 2023. To combat these threats, companies must remain vigilant and prioritize cybersecurity measures, such as security awareness training for employees, strong authentication protocols, proper security measures to prevent man-in-the-middle attacks and conducting thorough software composition analysis to detect any suspicious or malicious code within their packages. With these security measures in place, companies can protect sensitive data from MFA attacks and other cyber threats in 2023 and beyond.

At Identity Digital, we place a high priority on our customers’ security. To provide a safe online experience, we use a comprehensive anti-phishing technology across all our domains that proactively identifies and prevents potential threats. Our tools can detect suspicious emails, web links, and other online activities that may indicate an attempt to steal personal information. This approach gives our customers peace of mind, knowing they can confidently conduct their online activities in a secure environment moving into 2023.

Alexander Falatovich (Fal-uh-toh-vich) joined Identity Digital Inc. with the acquisition of Afilias, Inc. in 2020. He focuses on coordinating efforts to counter domain name abuse in top-level-domains (TLD) for Identity Digital and strategic customer accounts. He brings over a decade of experience from the domain name space, having led large legacy gTLD anti-abuse programs as well as facilitated the successful launch of dozens of descriptive TLD domain abuse programs. He is a member of multiple industry groups and collaboratives, such as APWG and InfraGard. Internally, he spearheads the enterprise security awareness program and is an inaugural member of the Identity Digital GRC Committee.