07 Dec Trellix Predicts Heightened Hacktivism and Geopolitical Cyberattacks in 2023
Cybersecurity company Trellix has released its annual threat predictions report for 2023. Forecasts from the Trellix Advanced Research Center anticipate spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains.
John Fokker, Head of Threat Intelligence at Trellix, commented: “Analysing current trends is necessary but being predictive in cybersecurity is vital. While organisations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture. Global political events and the adoption of new technology will breed novel threats from more innovative threat actors.”
The Trellix Advanced Research Center brings together hundreds of the world’s most skilled security analysts and researchers to serve the global threat intelligence community and organisations with the latest threat indicators and insights collected from Trellix’s extensive sensor network.
Trellix Advanced Research Center forecasts the following threats in 2023:
- Geopolitics and grey-zone conflict. Geopolitical factors will continue to be a high motivation for misinformation campaigns and cyberattacks timed with kinetic military activity.
- Hacktivism takes center stage. As groups of loosely organised individuals fueled by propaganda align for a common cause, they will ramp up their use of cyber tools to voice their anger and cause disruption across the globe.
- Skeletons in the software closet will multiply. Both threat actors and security researchers will heighten their study of underlying software frameworks and libraries resulting in an increase in breaches related to software supply chain issues.
- Increasing activity by teen cybercriminals. Teens and young adults will engage at increasing levels in cybercrime – everything from large-scale attacks on enterprises and governments to low-level crimes that target family, friends, peers, and strangers.
- Declining accuracy of code-based attribution. The outsourcing of malware creation and operation, diversification of malware development, and use of leaked source code will make attribution of cyberthreats to specific threat actors increasingly challenging.
- Imminent global cyberthreat to critical infrastructure as cyberwarfare evolves. A significant rise in advanced cyberactors causing disruptions to critical infrastructure in vulnerable targets will be observed.
- With more collaboration comes more phishing. Weaponised phishing attacks will increase across commonly used business communication services and apps, like Microsoft Teams, Slack, and others.
- “Alexa, start mining bitcoins.” The advanced capabilities of consumer and enterprise IoT devices will be leveraged by hackers to mine cryptocurrencies.
- Space hacking: only going up from here. The compromise of satellites and other space assets will increase and become more public in 2023.
- Here’s my number, so call me, maybe. There will be a huge jump in reverse-vishing – or voice phishing – attacks, with less tech-aware users being the primary target.
- Attacks against Windows domain will scale. More domain privilege escalation vulnerabilities will be discovered as well as more real-world attacks against Microsoft Windows with the explicit goal of complete network takeover.
Vibin Shaju, VP EMEA, Solutions Engineering at Trellix, commented: “We started 2022 with an industry-wide vulnerability in Log4J, which was closely followed by cyber and physical war targeting Ukraine. We’re closing the year observing hacktivists taking matters into their own hands, new actors in operation, and a changed but increasingly active ransomware landscape.
“As stress continues to weigh on the global economy, as we head into the new year, organisations should expect increased activity from threat actors looking to advance their own agenda – whether for political or financial gain. To outwit and outpace bad actors and advance defences proactively, security must be always-on and always learning.”