2023 cybersecurity trends and year in review
It's time to reflect on the significant developments in cybersecurity over the past year. 2023 has been marked by both a continuous escalation of cyber threats and innovation and improvements in cybersecurity technology.
Specifically, there have been notable advancements in cloud security, modernization of privileged access security, an authentication evolution with passkeys, and improved API security.
Here's my 2023 year in review:
Ransomware's continued path of disruption
Ransomware continued to evolve into a persistent and highly disruptive cyber threat, causing chaos and widespread damage across the digital landscape.
Despite significant efforts to combat this menace, the year 2023 saw ransomware attacks escalate, affecting individuals, businesses, and even critical infrastructure. Ransomware remains a significant threat, and the evolving tactics employed by cybercriminals have resulted in major organizations falling victim, costing them tens of millions of dollars.
Some governments have stepped up efforts to crack down on ransomware gangs, leading to arrests and prosecutions. Unfortunately, some governments still provide safe havens for cybercriminals to operate beyond the reach of authorities.
Ransomware is evolving—cybercriminals are looking to stay stealthy and hidden, meaning the older tactics of encrypting data and demanding a ransom have changed. Cybercriminals focus on data theft—not on causing business disruptions or downtime—and they demand a ransom when an organization fails to disclose the security incident, or they threaten to disclose sensitive data on the public internet.
This way, the victim does not get the public attention that comes with disruptive ransom techniques, and paying the cybercriminals without attracting public visibility is easier. This may be one of the reasons why ransomware is not making the news as often as it was in previous years.
In the past year, the targets of ransomware gangs have also evolved to focus on countries with fewer cyber capabilities and laws around ransomware payments.
Some other 2023 evolutions in ransomware include:
- The proliferation of sophisticated ransomware strains
- More targeted attacks
- Ransomware-as-a-Service (RaaS) models evolve
- Increased ransom demands
- Double, triple, and quadruple extortion techniques
- Evading security measures
The cloud's unstoppable rise
Cloud computing continues to shape the modern business landscape, with organizations increasingly relying on cloud services and infrastructure. This transition has not gone unnoticed by cybercriminals.
In 2023, we witnessed an uptick in cloud-based cyberattacks targeting misconfigured cloud resources and insecure APIs. These breaches highlighted the importance of implementing robust cloud security measures, including access controls, encryption, and continuous monitoring.
Cloud services offer enhanced cybersecurity through expert security teams, scalability, and redundancy. They provide strict access controls and handle regular updates. However, they can pose challenges related to data privacy, potential data breaches, compliance, provider dependency, and the shared responsibility model. Implementing cloud security measures may also incur additional costs. Careful consideration of these factors is essential for organizations evaluating cloud service adoption.
Check out this blog for more information about cloud security best practices: Ethical Hacker Tips for Securing the Cloud
The increased threats to critical infrastructure
The cybersecurity community was alarmed by the increasing threats to critical infrastructure, including power grids, water treatment plants, and transportation systems. Ransomware attacks on these systems and their suppliers underscore the importance of securing privileged access to critical infrastructure assets.
Protecting these systems requires a comprehensive Privileged Access Management (PAM) strategy that ensures only authorized personnel can control, manage, and monitor critical components.
The era of passkeys and passwordless authentication
2023 marked a turning point in authentication methods.
Passkeys, also known as WebAuthn or FIDO2, gained prominence as a more secure and convenient alternative to traditional passwords. These passkeys can be hardware tokens, biometric identifiers, or mobile devices, reducing the risk of phishing and credential theft.
Many organizations implemented passwordless authentication as a way to enhance security and improve the user experience. The more we move passwords into the background and the less humans need to interact with them, the better and safer our digital world will become.
Another major development was Google announcing that they would be making passkeys the default sign-in option across Google accounts, so users are no longer required to remember or choose passwords. This is a massive step in improving security in the authentication process.
The rise in API-related attacks
APIs have become the backbone of modern applications, facilitating communication between different software components and services. However, they also serve as a prime target for cyberattacks.
In 2023, we observed a surge in API-related security breaches, with attackers exploiting vulnerabilities in API endpoints to gain unauthorized access to data and systems. Ensuring API security through regular testing, monitoring, and access controls became a top priority for organizations.
As we look ahead to 2024, it's clear that cybersecurity will remain a top priority for organizations and governments worldwide. The evolving threat landscape demands constant vigilance and adaptation to emerging risks. It's critical that organizations develop and implement proactive cybersecurity strategies to stay ahead of cyber adversaries and safeguard digital assets in the years to come.
2024 cybersecurity predictions
AI-driven attacks and defenses: Cybercriminals will increasingly use artificial intelligence (AI) to automate and enhance their attacks. In response, cybersecurity defenses will rely more on AI and machine learning for threat detection and automated incident response, creating a continuous battle of algorithms.
Increased demand for cyber insurance: The demand for cyber insurance will surge as organizations recognize the financial risks associated with cyberattacks. Insurance providers will refine their offerings and assess premiums based on cybersecurity maturity.
Geopolitical tensions in cyberspace: Geopolitical tensions will continue to spill over into cyberspace, leading to nation-state-sponsored cyber-espionage and disruptive attacks. Cybersecurity professionals will need to monitor and respond to evolving geopolitical threats.
AI compliance accelerates: In 2024, the landscape of cybersecurity compliance is expected to evolve significantly, driven by emerging technologies, evolving threat landscapes, and changing regulatory frameworks. Privacy regulations like the GDPR and CCPA have set the stage for stricter data protection requirements. We can expect more regions and countries to adopt similar regulations, expanding the scope of compliance requirements for organizations that handle personal data.
Artificial intelligence and machine learning will play a more prominent role in cybersecurity compliance. These technologies will be used to automate threat detection, analyze vast datasets for compliance violations, and provide real-time insights, making it easier for organizations to stay compliant.
Passkeys pave the way for passwordless authentication: Multi-Factor Authentication (MFA) will become a standard requirement for most online services and applications. Traditional methods like SMS-based MFA will decline in favor of more secure options, such as time-based one-time passwords (TOTP) generated by authenticator apps.
The move toward passwordless authentication will continue, reducing reliance on traditional passwords. Methods like passkeys, biometrics, hardware tokens, or public-key cryptography will replace or supplement passwords for access to accounts and systems.
2023 has been a very busy year and I want to thank all the security professionals for helping make the world a safer place. It is the work you do that keeps citizens and businesses all around the world safer online. At Delinea we thank you for your service and continuous hard work. Keep these cybersecurity predictions and learnings in mind as you set your course for 2024.
Happy New Year to everyone!