Similar to previous years, 2022 wasn't a calm year for cybersecurity.

The Costa Rican government was threatened with overthrow by the ransomware group Conti.

Microsoft, Nvidia, Uber, Globant, and several other major tech businesses were targets of Lapsus$, a cybercriminal gang that improved the social engineering attack vector and exposed confidential information all year long.

Advanced persistent threat (APT) organizations have continued to develop cutting-edge, proprietary tools that can defeat even the greatest defenses.

Hackers continued to intensify attacks on healthcare professionals, one of the numerous sectors they attacked, impacting millions of patients worldwide.

The password manager LastPass revealed further information on an earlier breach and confirmed that hackers had copied clients' encrypted vaults as the year came to a close, while The Guardian, one of the top newspapers in the UK, had to close its offices as a result of a ransomware attack.

What cybersecurity forecasts does Bitdefender have for 2023?

IoT: Slower Mitigation and More Vulnerabilities

Attackers will keep utilizing the numerous IoT platforms and devices' readily accessible vulnerabilities.

One of the most prevalent and pervasive IoT issues that calls for collaboration between the infosec community and the IoT device sector includes faulty authentication, unencrypted data transfer, cloud misconfiguration, Remote Code Execution and Command Injection threats, and privacy concerns. Security researchers won't get tired of contacting device manufacturers with vulnerability disclosures and patching, as was stated at the 2022 Black Hat conference.

Leading producers of smart home devices have started to use the Matter protocol, which is a positive step. The objective is that the larger IoT community begins going in the same direction of interoperability, simplicity, and a standardized set of security standards. Matter exemplifies best practices surrounding security.

However, it is not anticipated that the current slow mitigation will much improve until governments implement various rules, such as the EU's Cyber Resilience Act or the IoT Cybersecurity Improvement Act of 2020 in the United States (which might take effect in 2025).

These introduce IoT device cybersecurity regulations that are mandatory.

Persistence of Ransomware, Harmful Bootloaders and Drivers

Particularly on Microsoft Windows systems, ransomware will persist.

The most recent malware worms proliferate like wildfire, and attackers can use Ransomware-as-a-Service (RaaS) kits to quickly and cheaply create and launch a large number of their own varieties.

In 2022, ransomware organizations changed their extortion methods and programming languages in response to the world's shifting conditions. For instance, BlackCat RaaS created malware in Rust, which is thought to be more safe than C and C++.

These gangs are anticipated to look for fresh technological approaches the next year, such as creative entrypoint or antivirus software bypass methods.

In particular, it is anticipated that the prevalence of malware developed in uncommon (for hackers) programming languages like Swift, Go, or Rust will rise. This not only makes it easier to avoid detection and makes it more difficult for security experts to do analysis, but it also enables ransomware to target more users across a wider range of operating systems.

Another unsettling recent development is the ease with which thieves may now investigate potent UEFI bootkits like BlackLotus. Such malicious bootloaders were previously connected to seasoned hacker gangs and APT groups but are now sold to anyone. They may be immune to antivirus software's detection.

More Phishing and Malware for Mobile Devices

Attackers will keep using malware like FluBot that spreads through text message links.

This sort of Android Trojan is exceptionally difficult to contain and is capable of quickly adapting to the current social or political circumstances. It functions as both a spyware and a banker—it duplicates and spreads across all the victim's contacts and takes financial information stored on the phone. A SMS can alert the recipient to a failed delivery, a higher electric bill, or an invitation to view a friend's photo.

By relentlessly attacking Ukrainian—and Western—organizations with malware, Russian hacktivists are predicted to respond as Ukraine pushes to retake more of its territory from Russian invaders in 2023. Malware-as-a-service offerings from Russian state-backed APT groups are expected to be made available to any interested threat actors.

The most recent fad of phony apps disguised as legitimate Google Play Store applications and loaded with spyware and malware isn't going away. Cybercriminals will continue to easily install malicious software designed to acquire remote access or commit financial fraud on unsuspecting victims using ever-evolving social engineering techniques through messaging, social networking applications, and even phone conversations.

Cybersecurity Evolving

Cybersecurity evolves in tandem with attackers' ongoing modification and revision of their strategies.

The cyber insurance market started to become more competitive in 2022.

The underwriting standards tightened and premiums increased.

The market is anticipated to expand further in 2023 as cyber insurance providers put more appropriate system inspections and monitoring capabilities in place. As a result, managed detection and response (MDR) services are expected to be a crucial resource for businesses looking to enroll in insurance in the coming year.

Similar to this trend, firms will increasingly move away from traditional cyber preventive techniques and toward more comprehensive prevention, detection, and response strategies.

The Bitdefender Cybersecurity Posture Survey from December 2022 found that 53% of respondents' firms had already switched to a prevention, detection, and response strategy.

12% are experimenting and 32% are thinking about implementing a more proactive cybersecurity strategy in the near future among those who are still only concentrating on prevention.

Although cybersecurity teams will continue to expand, firms are likely to prefer more automated solutions due to financial and personnel problems. Think about the figures. Only 18% of respondents to the Bitdefender poll have dedicated cybersecurity staff in their IT departments; for the vast majority, cybersecurity is still just one of many IT jobs and will continue to be so.

Additionally, since the majority of central banks around the world are worried about the high likelihood of a recession in 2023 and the rising cost of living, this concern will increase from the current 48%, prompting the majority to search for integrated and partially automated cybersecurity solutions.

These solutions enable businesses to make the most of their internal resources, automate some tasks, and focus and combine their efforts on the issues that are most important to them.

Find out more about the Gravity Zone Security Platform, a complete one-vendor solution for endpoint, network, identity, and cloud workloads.