In 2022, 255 million cyberattacks were reported globally, a 61% increase on 2021. In a report by Deloitte’s Center for Controllership, 34.5% of executives said that in the last 12 months, their organisation’s accounting and financial data was targeted by hackers. Approximately 22% of that group experienced one cyber event with 12.5% experiencing more than that. Nearly half of all those polled expect the number and size of cyber threats targeting their organisations to increase during the year ahead.
While cybersecurity capabilities are improving all the time, the sophistication and prowess of hackers and cybercriminals are matching that progress. Here, we look at some of the latest cyber threats to emerge in 2023.
1. SaaS phishing
Phishing accounts for most cyber-attacks. This year, we’re seeing the emergence of SaaS-based phishing, whereby hackers hijack legitimate software and create a credential-stealing page that looks like a legitimate login page.
To do this, hackers send a fake invoice or other document as a PDF. As PDFs open directly in a browser, they are able to evade cybersecurity defences that disallow the opening of PDFs. Malware such as Snake Keylogger is then able to record keystrokes to collect login data.
The hacker establishes a fake SaaS account using the victim’s name and deploys that account from a rogue device to target other members of the organisation, often in a whaling attack, a form of spear phishing that targets C-suite and other high-level executives in order to steal sensitive information or money.
2. The dark side of ChatGPT
ChatGPT has become an important legitimate tool for businesses, but it’s also proving useful for hackers. Cyber criminals can use the AI chatbot to draft phishing emails and code, easily generating multiple scripts with slight variations in wording. Complicated attack processes can also be automated using large language model (LLM) APIs to generate other malicious artefacts.
With AI, creating malware is easier than ever. As far back as 2020, researchers found a new type of malware called DeepLocker that used generative AI to make malware difficult to detect.
QR codes and cashless payments are giving cybercriminals an open invitation to steal sensitive data. All attackers need to do is take a flyer released by a company or government agency and replace the existing QR code with their own, infected with malware.
4. Developer account hacking
Developers are being increasingly targeted by hackers, posing real problems for cybersecurity experts. This is because companies tend to trust developers with too much access to their environment, and since these developer privileges tend to violate well-established access controls, companies that don’t follow cybersecurity best practices are easy targets. Infiltrate a developer’s account and hackers can insert malicious code virtually anywhere.
5. IoT hacks
Attacks on IoT devices saw a 98% increase in 2022, along with the rise in remote working. While home Wi-Fi networks can be monitored, IoT infrastructure doesn’t tend to receive much in the way of security updates. And users often don’t update default passwords on these devices either. Once a hacker has access to one, they can access data from other devices on the network. In fact, one cyber security expert claims to have been able to run commands on more than 20 automated Tesla cars in ten countries without the owner’s knowledge.
6. Encryption-less ransomware
Ransomware threats are evolving too. There has been a 40% increase in ransomware attacks this year with a distinct trend in hackers using encryption-less ransomware techniques. 25 new ransomware families have been identified using double extortion or encryption-less techniques. These attacks differ from traditional attacks in that the cyber criminals threaten to leak data but don’t use encryption. This takes less time and is more cost-effective for the hackers, typically resulting in faster, larger profits.
Tackling cyber threats in your organisation
Hackers are getting smarter. In this example from a Facebook post in 2023, at first glance, two web addresses look identical. However, a closer look reveals that the character ‘a’ is slightly different. What has happened is a Cyrillic character has been used to replace the Roman letter in the genuine web address.
The message here is that security awareness within organisations is more important than ever. One way to avoid cyber threats such as this is to instruct staff not to click on links and, instead, type the web address directly into the browser. Another is to hover over links before clicking to see where the link leads. If it’s an unfamiliar address, users should not proceed further.
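The Cyrillic-for-Latin substitution described above can also be caught automatically, for example in a mail gateway or link-checking script. The following is an added example, not part of the original article: it flags hostname labels that mix scripts and shows the ASCII (punycode) form that reveals the difference. The function names and the `example.com` sample hostnames are constructed for illustration.

```python
import unicodedata

def label_scripts(label):
    """Approximate the scripts in a DNS label from Unicode character names."""
    scripts = set()
    for ch in label:
        if ch.isdigit() or ch == "-":
            continue  # digits and hyphens are shared by all scripts
        scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts

def inspect_hostname(host):
    """Flag labels that mix scripts or are written entirely in a non-Latin script."""
    findings = []
    for label in host.lower().split("."):
        scripts = label_scripts(label)
        non_ascii = [f"U+{ord(c):04X} {unicodedata.name(c, 'UNKNOWN')}"
                     for c in label if ord(c) > 127]
        if len(scripts) > 1:
            # e.g. Latin letters with one Cyrillic look-alike: the classic spoof
            findings.append(("mixed-script", label, non_ascii))
        elif scripts - {"LATIN"}:
            # may be a legitimate internationalised name; reported for review only
            findings.append(("non-latin", label, non_ascii))
    return {
        # the punycode form is what DNS actually resolves; it starts with "xn--"
        "ascii": host.encode("idna").decode("ascii"),
        "suspicious": any(kind == "mixed-script" for kind, _, _ in findings),
        "findings": findings,
    }

# Constructed samples: the second uses U+0430 (Cyrillic 'a') in place of Latin 'a'.
GENUINE = "example.com"
SPOOFED = "ex\u0430mple.com"

if __name__ == "__main__":
    for host in (GENUINE, SPOOFED):
        report = inspect_hostname(host)
        print(repr(host), "->", report["ascii"], "suspicious:", report["suspicious"])
        for kind, label, chars in report["findings"]:
            print("   ", kind, label, chars)
```

A label written entirely in Cyrillic is reported as `non-latin` rather than `suspicious`, because whole-script names can be legitimate and need comparison against the expected domain.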
The emerging digital ecosystem is treacherous. Every company is a target and potentially at risk from a breach. Hackers are using emerging technologies against the companies that use them for business gains. While the risk of phishing, ransomware and DDoS attacks remains high in 2023, cybercriminals are also actively searching for systems where companies have failed to keep security patches up to date – something that can be mitigated easily using a managed IT solution.