Hybrid Workers, Connected Cars and Managed Service Providers (MSP) will be top targets for attacks in the coming year, according to Trend Micro report
According to the Trend Micro study, “Tight future: security predictions for 2023”, cybercriminals will target the security blind spots of home offices and the cloud and software supply chain in the coming year. The report points to VPNs as a particularly attractive target, as a single solution can be exploited to reach multiple corporate networks, and highlights the fragility of home routers, which are often not patched or managed by central IT.
“The pandemic may be passing, but remote work is here to stay,” said Jon Clay, vice president of Threat Intelligence at Trend Micro. “This means a renewed focus by threat actors in 2023 on unpatched VPNs, connected SOHO (Small Office/Home Office Routers) devices, and the backend of cloud infrastructure. In response, organizations will need to focus on helping already stretched security teams by consolidating attack surface management and detection and response with a single, more cost-effective platform.”
Along with the threat of hybrid work, the report anticipates several trends for IT security leaders, including:
– The growing threat to Managed Service Providers (MSPs) supply chain, which will be hit because they provide access to a high volume of customer activity, maximizing ROI from ransomware, data theft and other attacks;
– The techniques oflive off the cloud” may become the norm for groups attacking cloud infrastructure, with the aim of remaining hidden from conventional security tools. An example is the use of a victim's backup solutions to download the stolen data to the attacker's storage location;
– Threat to connected cars, targeting cloud APIs that sit between the eSIMs embedded in the vehicle (electronic chips) and the backend application servers. In the worst case scenario (i.e. on Tesla's API) attacks could be used to gain access to vehicles. The auto industry can also be affected by malware lurking in open source repositories;
- You “Ransomware as a Service” (RaaS) groups can rethink their business as the impact of double extortion fades away. Some may focus on the cloud, while others may abandon ransomware and try to profit from other forms of extortion such as data theft;
– Social engineering will be boosted with offers of Corporate Email Compromise (BEC) as a Service and the emergence of BEC based on deepfake;
– Companies will also have to pay attention to the attacks targeting OT (Operational technology) systems that control industrial equipment.
Blockchain-powered virtual assets such as cryptocurrencies will continue to pique the interest of malicious actors, who like to act with freedom and anonymity, although actions against non-fungible tokens (NFTs) and the metaverse are expected to remain stagnant.
Trend Micro recommends that organizations mitigate these emerging threats in 2023 by:
- Zero Trust strategies built on the “never trust, always verify” mantra, to minimize damage without sacrificing user productivity;
- Employee training and awareness to strengthen weak links in the security chain;
- Consolidation of all attack surface monitoring and threat detection and response into a single security platform. This will improve the company's ability to catch suspicious activity on its networks, reduce the burden on security teams and keep defenders sharp;
- IT stress testing infrastructures to ensure readiness for attacks in different scenarios, especially those where a perimeter gateway has already been breached;
- Inventory of software for each application (Bill of Materials Software – SBOM), to accelerate and improve vulnerability management by providing visibility into in-house developed code, what was purchased from commercial sources, and/or created from third-party sources.
To read a full copy of the Trend Micro Predictions for 2023, click ON HERE.
