Ransomware will get nastier than ever in 2023 and could affect everyone. Phishing will become more sophisticated, thanks in part to the new artificial intelligence tools we’re all playing with these days, and it will also aim to bypass two-factor authentication systems.

A gulf will open between cyber-aware companies, which are able to train employees well and equip themselves with suitable technologies, and the others, which will become easy prey for cyber criminals who are increasingly hungry for money (and personal data), partly because of the probable economic recession that will affect everyone.

Leading experts, at IBM, Google, VMware and Check Point among others, have ominous forecasts for 2023 on the cyber security front. There is also hope, because the defensive tools and approaches available to businesses and users are now quite well known in the industry; the pity is that they are still not widespread among the mass of potential victims.

Ransomware attacks on the rise

In the last two to three years, ransomware has claimed high-profile victims: large manufacturing companies and public administrations around the world. All experts predict a surge in ransomware attacks in 2023, even in Italy (as Clusit notes). The geopolitical threat weighs heavily: many pro-Russian cybercriminals will work hand in hand with pro-Russian activists to harm the West. As Yuri Rassega, CISO of Enel, also notes, it is with the expected reduction of the Ukrainian conflict that cyber attacks of Russian origin will increase. The economic crisis also weighs heavily, and will push various people with technical skills, especially in poor countries, to turn to cybercrime to make money. After all, in this phase even technical professionals and employees of technology companies may suffer layoffs and wage cuts, as has been seen in recent months.

The zero trust response

However, larger organizations in regions hit hard during the ransomware boom are best prepared for this surge, having invested time and money. On a positive note, zero trust has gone from being a new concept to a best practice. As hybrid working has become a way of life, many organizations have started adopting the zero trust framework. That is, all users, apps, and devices that request access are considered unauthorized until proven otherwise. According to IBM, organizations that did so saved an average of a million dollars in damages from cyber attacks compared to those that didn’t. However, experts also note that this architecture is complex to adopt. Again, there will be a big difference between those who are better prepared and everyone else. Criminals will target the latter.

The great battle over our data

Cybercriminals will continue to exploit large databases of leaked or stolen credentials to devastating effect. All Italian mobile phone numbers are public, extracted from Facebook (which recently led to a 265 million euro fine on Meta by the Irish Ombudsman). A recent hack also damaged LastPass. There will therefore be a wave of phishing that exploits this data (mobile phone numbers, users’ names and emails) in an automated way. Next year, attacks against traditional second-factor authentication, such as SMS, which is now judged to be insecure, will continue, as will attacks against push-based multi-factor authentication solutions. Phishing attacks and other attacks designed to capture authentication tokens will also increase. Enabling a second authentication factor on your accounts is now considered a necessary but not sufficient condition for a good defense. As a result, many consumers and businesses are gradually migrating to password managers, passwordless authentication, and hardware identity tokens. However, the vast majority of the population continues to reuse credentials, or variations of them, across environments, systems, or sites. These users will be easy victims of attacks. At the same time, criminals will seek even more data, for example with data-exfiltration ransomware attacks. As a result, there will be a growth of new criminal marketplaces dedicated to advertising and selling victim data.

More and more artificial intelligence

Experts predict more automated protection of the corporate cyber perimeter, so that defenders can focus more on identifying adversaries early and responding more effectively. We must respond in kind to ever faster and more sophisticated attacks. Artificial intelligence will help to find, for example, anomalous behavior (an indicator of intrusion) and vulnerabilities. At the same time, it will be exploited by criminals, for example to customize phishing messages using large language models (similar to OpenAI’s ChatGPT). Similar AI technologies will be used to create audio and face deepfakes in order to make phishing more convincing, impersonating a company supplier or the CEO of the victim company. The objective: to convince an official to make a wire transfer to an account controlled by the criminal.