BlackBerry shares key insights into state of cybersecurity for 2023
Recent global events, including a pandemic, a war and changes to workplace practices has seen a historic rise in the number and type of ransomware attacks, particularly different forms of phishing. The number of enterprise security breaches and critical infrastructure attacks also spiked, driven by expanding threat vectors.
Looking to 2023, BlackBerry is sharing some key trends for Australia and New Zealand to take heed of, based on global insights and local research.
Jonathan Jackson, APJ Director of Engineering for BlackBerry, comments, "As cyber criminals and nation-states increasingly team up, attacks will increase in scale, severity and type to take advantage of outdated security architectures, the human skills gap and software supply chain vulnerabilities.
"Organisations undergoing digital transformation, particularly in healthcare, will be the most at risk unless they can combine cybersecurity upskilling and outsourcing with behavioural analytics and AI to improve visibility, prevention, and response to cyber threats in 2023 and beyond."
Some of BlackBerry's 2023 predictions include the following:
Evasion tactics evolve as cyber and ransomware attacks spike
Cyber criminals will be relentless in carrying out more sophisticated and targeted attacks in the year ahead. To maximise harm to government and society, and cause more financial impact on the private sector, new tactics, techniques, and procedures (TTPs) will evolve to try and stay one step ahead of vendors, 'tricking' both humans and technology.
In preparation for the coming year, organisations should look first at their software stack - evasion tactics are on the rise, BlackBerry states.
HEAT attacks (Highly Evasive Adaptive Threats) can even turn cybersecurity technology on itself with clever bypass techniques. One recent example tricked certain software into purposely wiping data, instead of protecting it.
The use of tactics such as Whispergate and Hermetic Wiper escalated during the Ukraine war, and we will see further impact to businesses in 2023, the research states.
Ransomware attacks will also continue to be one of the biggest risks to companies, especially those using profitable double extortion tactics. Not only does this result in financial loss due to the ransom, but also reputational damage and other direct and indirect losses related to the breach.
Business email compromise (BEC) is another explosive threat. By exploiting 'inbox trust', cyber criminals can hack, spoof or impersonate a business email address that appears to be genuine. Victims are lured into clicking on a link, opening an attachment, sending an email or transferring money to an account with a fake invoice.
In Australia, one of the examples in 2022 included tricking home buyers with fake real estate emails. In some cases, people lost their home deposit during settlement, prompting warnings from the Government.
In 2023, BlackBerry states businesses will need to consider more defined risk mitigation strategies, combining employee education with technology tools to stop BEC attacks at multiple levels, including human error, data and network layers.
While evasion tactics, ransomware and BEC will continue to make headlines, so will blatant extortion. The high profile 2022 attacks on Medibank and Optus in Australia were not ransomware, but nation-state criminals stealing credentials or using open APIs to unlawfully steal personal data for financial gain.
Regardless of the questionable motivations of such threat actors, unless Australia is adequately protected, the country is fair game - and this kind of trend is set to continue, BlackBerry states.
Increased attacks on hospitals and healthcare organisations
As the healthcare sector continues to undergo a digital transformation, lucrative patient data, employee data-sharing practices and often inadequate security will make it a top target in 2023, especially for threat actors continually trying to extort ransom demands.
BlackBerry research reveals those surveyed in the healthcare sector are least likely to agree they have an incident management process to handle threats.
Over a third say they lack the security teams and tools to be effective, half say they have the capacity to handle the number of alerts they receive, and less than half say they have the knowledge, tools, and necessary visibility to detect and respond to zero-day and advanced threats.
Quantum computing a pressing issue for security
Quantum computing (QC) will challenge cryptography, fundamentally changing the way data is kept secure. When quantum computers develop to the point they can break widely used public encryption keys, it could allow access to transportation systems, hospitals, critical infrastructure and even banks.
Y2Q (Years to Quantum) is a particularly sinister problem as threat actors can plant dormant malware while QC is still in development, with the intention to mobilise malware or decrypt information in the future. The implications for Y2Q are drawing close, the researchers state, with predictions ranging from 2024 to 2032.
If Australia is to be 'the most cyber-secure country in the world by 2030', as quoted recently by Minister for Home Affairs and Cyber Security Claire O'Neil, the challenge of a quantum-resistant nation should be at the top of the priority list for Government and industry in terms of regulatory frameworks, future-proofing embedded systems and the supply chain, BlackBerry states. To achieve this, firming up collaboration between the public and private sector is critical in 2023, at home and internationally.
The cybersecurity skills gap will widen
There are millions of open cybersecurity positions around the world, and not enough experts in the market to manage the growing scale of cyber risks. Not only is there a gap in skills and gender - but a particular lack of professionals with strong backgrounds in AI and ML, the research finds.
Without skilled security teams, organisations are at risk. Closing the gaps will require a strong focus on educating and encouraging people to pursue cybersecurity roles. Outsourcing will also help plug gaps in security expertise, particularly for small businesses.
However, hiring more people and improving skills won't address the scale of the problem. In 2023, intelligent, predictive AI combined with external, 24/7 security experts will be increasingly sought by organisations of all sizes. Their goal is to narrow the gap more affordably – minimising alert fatigue, reducing costly people hires and training, while preventing threats before they execute so lean IT security teams or individuals can focus on other priorities.
Supply chain attacks will wreak havoc
Software supply chain attacks are among the most destructive strategies used by cybercriminals today. New BlackBerry research found that 4 in 5 IT decision makers have been notified of an attack or vulnerability in their supply chain in the last 12 months. It also revealed in the last year, that 80% of companies in Australia were notified of a vulnerability or attack within their software supply chain.
Compared to the global average, Australia suffered the highest rates of operational compromise and data loss. It proves cybersecurity must go far beyond vendor trust.
To best prepare for 2023, organisations should consider meaningful and timely contextual threat intelligence to stay up to date with the most recent threat models. It is also important to prioritise defensible security architectures based on zero trust strategies and establish regular audit programs to identify potential vulnerabilities and weak points in supply chain processes and systems, BlackBerry states.