SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Cyber criminals no longer just a subject for the tech industry
Thu, 17th Nov 2022
FYI, this story is more than a year old

Cyber criminals are no longer just a subject for the tech industry, according to new predictions for 2023 from Darktrace.

Tony Jarvis, Director of Enterprise Security, APJ, Darktrace, says that with so many data breaches and ransomware being reported and announced every week, cyber attacks are becoming mainstream and of great concern.  

"Let's face it, it has not taken long for cyber attackers to find and exploit weaknesses making Australian companies a major target and we need to ask, are CEOs now taking notice? What do they need to do as we enter 2023? Is prevention key?" he says.

Is the Silver Bullet of Multi-Factor Authentication (MFA) against cyber-attacks a thing of the past? 
"Once considered a silver bullet in the fight against credential stuffing, it hasn't taken attackers long to find and exploit weaknesses in MFA and they will continue to do so in 2023," says Jarvis.

"MFA will remain critical to basic cyber hygiene, but it will cease to be seen as a stand-alone set and forget solution. Questions around accessibility and usability continue to dominate the MFA discussion and will only be amplified by increases in cloud and SaaS along with the dissolution of traditional on-prem networks."

Continued hacktivism from non-state actors complicates cyber attribution and security strategies  
Jarvis says that in 2023, knowing thy enemy in the cyberworld will be more complicated than ever before.

"But it is critical that organisations remain aware of the realities of cyber risk and cease to focus on the boogie man of the internet that features in sensationalist reporting," he says. 

"Persistent, widely available, lower-sophistication malware and run-of-the-mill phishing campaigns statistically remain a greater global risk to corporations than the newest, most devious exploit kit or ransomware typically associated with APT groups. 

"As it gets harder to name the enemy, we should see organisations moving away from the headlines and towards ensuring operational stability based on a bespoke understanding of their unique risk profile."

Crypto-jacking neglect gets dangerous 
Another concern is Crypto-jacking neglect which is the hijacking of computer resources to mine cryptocurrencies and is one of the fastest growing types of cyber-threats globally. 

"These attacks are often overlooked as unthreatening background noise, but the reality is that any crypto-mining infection can turn into ransomware, data exfiltration or even an entry point for a human-driven attack at the snap of a finger," says Jarvis.

"In 2023, crypto-jackers will get more savvy and we might start to see the detrimental effects of what is usually considered inevitable or negligible. Security leaders need to ask themselves: How did this person get in? and shore up the easiest points of entry into their organisation," he says.

Ransomware rushes to the cloud 
"These third-party supply chains offer those with criminal intent more places to hide and targeting cloud providers instead of a single organisation gives attackers more bang for their buck," says Jarvis. 

"Attackers may even get creative by threatening third-party cloud providers."
Recession requires CISOs to get frank with the board about proactive security  

Jarvis says cyber security is now a boardroom issue, but with growing economic uncertainty, organisations are being forced to make tough decisions as they plan 2023 budgets.

"Rising cyber insurance premiums are one thing, but as more underwriters introduce exclusions for cyber-attacks attributed to nation-states, organisations will struggle to see the value in such high premiums," he says.

"In 2023, CISOs will move beyond just insurance and checkbox compliance to opt for more proactive cyber security measures in order to maximise ROI in the face of budget cuts, shifting investment into tools and capabilities that continuously improve their cyber resilience."