Cybersecurity in 2023: Look Back to Look Forward

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Candid Wüest of Acronis walks us through cybersecurity in 2023, and why sometimes we need to look back to move forward.

In today’s modern cyber threat landscape, keeping up with the latest cyber threats can feel like a full-time job, and getting ahead can seem like an impossible task. Revaluating your security strategy is no small feat, but with recent reports showing that new threats are constantly emerging, it remains a crucial step for businesses this year.

Specifically for enterprises, due to the growing frequency, sophistication, and magnitude of cyber-crime, it’s becoming more difficult to safeguard from breaches and ransomware attacks. As a result, security teams on the frontlines need to look to the past to create a more secure future – or they’ll be actively courting danger.

Looking Back to Look Forward: Cybersecurity in 2023

Flashback to 2022

While the back half of 2022 showed a decline in the number of new crime syndicates and volume of attacks, the threat is bigger than ever. Some of the most popular ransomware gangs rebranded, allowing them to avoid law enforcement and buy themselves additional time, leading to more successful criminal activity.

While these groups may have tried to reinvent themselves, their victims remained the same. Healthcare, government, and education remained the top industries that these organizations exploited. In terms of more general targets, the same report highlighted that top ransomware groups, like LockBit, Hive, BlackCat, and Black Basta, among others, were adding between 200 and 300 new victims per month to the total list of compromised users around the world.

Last year also saw major changes in terms of how these groups attacked their victims. The use of data exfiltration became more frequent in 2022, with some groups like BlackCat unleashing a triple-extortion approach with both DDoS and data exfiltration attacks. With this approach, the group can hit victims with different tactics at the same time if the organization doesn’t pay the ransom.

Above all, phishing and malware remain two of the most common threats facing organizations. According to the same report, in the back half of 2022 phishing activity rose by 130 percent, and it now represents 76 percent of all email-based attacks. With new attack approaches arising almost weekly, security teams must think creatively about their weaknesses in order to protect their organizations from emerging threats.

Adapting to New Technology and Associated Threats

It’s no secret that with each new technological advancement, the surface area for malicious cyber activities grows. Modern cyber-attacks, data leaks, and ransomware outbreaks all show the same thing: cybersecurity is failing. More often than not, this can be attributed to the growing complexity and weak strategies for the tools organizations have in place.

MFA (multi-factor authentication) fatigue is a great example of hackers preying on the human element of what are typically more automated processes. What was established to help employees remain more secure has, in turn, become a viable path for threat actors to break through security barriers. When users see dozens of pings come through, they may feel more pressure to accept them, rather than taking the time to logically process who sent the request. To combat this, IT professionals must consider training a crucial step in securing their organization.

Coupled with the changes in how ransomware gangs are choosing their victims, mitigating the risk of these attacks are more challenging for security teams. Even with organization’s best efforts at awareness training and pitching, one out of ten threats still make it to the endpoint.

As a result, teams are implementing new security tactics and shifting tools to the cloud. For example, we may witness a few threats this year like a heightened focus on uninstalling security tools, deleting backups, and disabling disaster recovery plans wherever possible.

With these new advancements, security professionals are eager to dive headfirst into new platforms, systems and tools that users need. However, it’s important that they take a step back and recognize that an imminent threat awaits them. As new devices and software become available, ransomware groups are lurking on the other side and looking for a way in. To combat this, organizations must avoid getting wrapped up in the perpetual race to innovate and ensure their security teams test and integrate new technology well. Security is not a one size fits all. Businesses need to prioritize tools that are most important to their organization first and then vet any new tools to ensure a safe adoption.

New Year, New Security Tactics

2022 showed us cyberattacks can happen to any business—no matter its industry or size. Rather than relying on the traditional security model, organizations must focus on upleveling their security strategy as much as they look to implement new technology.

Additionally, while technology is clearly a critical solution in the fight to detect and stop intrusions, the end-user is still a major piece of the puzzle. Mitigating these threats often starts with the proper training for employees. MFA attacks and phishing schemes specifically are sometimes avoidable at the user level if a company invests the time and resources to help their teams understand what to watch out for and how to report it. Employees should also be prepared for phishing attempts.

There are a few key areas that organizations can lean into. These include addressing patching your operating system and the applications that users frequently access, and ensuring that your cybersecurity tools are running properly. Beyond that, teams should use also strong authentication methods while working with any business data that could be compromised.

Though the 2023 cyber forecast is uncertain, there’s something to be said about “not repeating past mistakes.” Teams that use the lessons learned from the last year will undoubtedly be prepared for what will be a busy year combatting the advancements of threat actors.