Cyber attacks will be more refined in 2023
The last two years have seen a surge in cybersecurity attacks globally, catapulting cybersecurity issues to the forefront of the agendas of companies and governments. The 2023 threat landscape, unfortunately, does not look like things will get any easier for techies working in cybersecurity. But companies and governments do have far more hi-tech tools at their disposal now to deal with threats.
Vijendra Katiyar, country manager for India & Saarc at Trend Micro, says the severe attacks on India’s critical infrastructure, such as the recent ransomware attacks on AIIMS and the Tata Power, teach us one thing: cybercriminals will spend 2023 continuously fine-tuning their methods and becoming more professional. “Better-armed security teams, and legislators clamping down on crime, will finally push beleaguered ransomware actors into regrouping and refining their playbooks,” he says.
The rapid adoption of 5G around the world – even India is set to debut services this year – can lead to large-scale vulnerabilities being exploited by criminals, says Huzefa Motiwala, director of systems engineering for India & Saarc at Palo Alto Networks. Motiwala says this is thanks in part to 5G infrastructures being built on top of cloud architecture. “Even though this provides great flexibility and agility, it leaves the 5G core exposed to cloud security vulnerabilities. These vulnerabilities require cloud native security solutions, which enable enhanced continuous visibility and proactive threat prevention,” he says.
Another threat that cybersecurity companies foresee for 2023 is an uptick in online media scams. Ruchir Shukla, MD for India at SafeHouse Tech, says there has been an exponential increase in video content consumption, and hackers can use this opportunity to execute sophisticated social engineering attacks via deepfakes, which will make it extremely difficult for people and companies to distinguish between real and fake content.
Imagine if a deepfake of Elon Musk went viral asking people to buy a fake crypto coin. “Companies can prevent such scams using automated technology like AI detection software. They must also create awareness around deepfakes and train employees to spot fake videos,” he says.
Shukla says individuals should maintain a high level of security on all their devices and they shouldn’t sign up for any unknown face-recognition or comparison apps.
Our ever-increasing collective addiction to mobile apps has also ensured that cybercriminals have a tempting target for the upcoming year. Our phones. Sunil Sharma, MD of sales for India & Saarc at Sophos, says mobile devices are at the centre of a burgeoning range of new types of cybercrimes. “Not only are attackers still using fake applications to deliver malware injectors, spyware and banking-associated malware, but newer forms of cyber fraud have been growing in popularity, such as “pig butchering” schemes, where fraudsters befriend people online and convince them to invest in fake crypto schemes. Today, both Android and iOS devices are increasingly being targeted by fake applications,” he says.