10 trends that will shape cybersecurity in 2023

Our world is more digitally dependent than ever before, and IT environments are only getting more complex. This has enabled some incredible new capabilities — and higher productivity — but it also means that the potential for cyberthreat-related disasters is severe. Even small flaws in resilience can have a major impact on any organization.

At Acronis, we see 10 trends that are likely to shape the cybersecurity landscape this year:

Multi-factor authentication (MFA) and Identity & Access Management (IAM) systems are in the crosshairs. Cybercriminals have begun using a variety of tactics to steal (or simply bypass) MFA tokens, including overwhelming their targets with automated MFA requests in the hopes that a user will eventually confirm one by accident. It’s more important than ever to ensure that your MFA protocols are configured properly — and that only the minimum required access rights are granted to employees, to limit the potential damage of a breach.

Already one of the most infamous forms of malware, ransomware continues to grow in scale and evolve. Attackers are expanding their scope to hit macOS and Linux in addition to the many Windows-based threats, and are leveraging new tools — especially AI, which is more accessible to the public than ever before. Cybercriminals are no longer satisfied with simply encrypting data and asking for money: today’s ransomware attempts to disable security tools, delete backups and exfiltrate data (threatening its public release if payment is not made). Such attacks remain highly profitable, so don’t expect them to slow down.

Info-stealing malware, like Raccoon and RedLine, are becoming the norm for infections. Cybercriminals sell stolen data (often containing user credentials) via Dark Web brokers to facilitate future attacks. The growing amount of data, combined with the complexity of interconnected cloud services, is already making it more difficult to track and protect this information.

Malicious emails are one of the most prominent cyberthreats, and they continue to be sent by the millions. Attackers are actively using automation and personalizing these messages with previously-leaked data. Expect these kinds of attacks to increasingly spread to other messaging services — SMS/texting, Slack, Microsoft Teams, etc. — in an attempt to evade email filtering and detection systems.

There’s no end in sight to the attacks on cryptocurrency exchanges and smart contracts. With hundreds of millions of dollars in digital currency at stake, even nation-state attackers have gotten involved. These threats range from classic phishing scams and malware aimed at everyday users, to sophisticated attacks against algorithmic coins and smart contracts themselves.

As robust businesses themselves (and with plenty of clients downstream), it’s no surprise that service providers are under siege. One popular tactic is what’s called “living-off-the-land (LotL) attacks.” After breaching your systems, cybercriminals abuse legitimate PSA, RMM and other deployment tools already present there to perform malicious actions. Such attacks can be difficult to detect and to analyze after the fact. They also pose a severe risk to your clients and any other associated organizations, including consultants and first-level support teams.

Expect more attacks in, or through, the browser. Malicious extensions (or trusted ones that have had backdoors stealthily added via GitHub repos) can do things like skim passwords or swap out the target addresses of cryptocurrency transactions. On the other end, websites will continue to track users and overshare session IDs across HTTP referrers. As serverless computing grows, analysis of such attacks will become more complicated.

We’ve already seen a tremendous shirt of data, processes and infrastructure to the cloud — a trend that is only continuing. As automation between services links more endpoints and IoT devices, more and more APIs are becoming accessible via the internet. This will increase the potential for cyberattacks on a massive scale.

Cybercriminals are constantly coming up with new ways to modify normal business processes for their own benefit (i.e. profit). Small changes can result in massive harm, especially if it takes a while for the change to be detected — imagine an attacker swapping out the receiving account details in your organization’s billing templates, or adding their own cloud bucket as a backup destination for your email server. Such attacks don’t even always use malware, but require close analysis of user behavior.

Advances in artificial intelligence and machine learning are accelerating threat development, and making it trivially easy for cybercriminals to tailor their attacks to specific targets — at scale. But an even more worrisome trend may be attacks against the AI and ML models themselves. Threat actors can leverage weaknesses in the models, implant biases into data sets or simply use triggers to flood IT teams with alerts.

Acronis Cyber Protect Cloud unites backup, next-generation cybersecurity and endpoint protection management in one solution. Integration and automation provide unmatched ease for service providers — reducing complexity while increasing productivity and decreasing costs.

The Advanced Security pack extends that protection with full-stack anti-malware protection and remediation services, further lowering risks for your clients — and for your own business. It’s just one of many add-on services that integrate neatly with the platform and enable new, easily supported revenue streams.

Start your free 15-day trial today. And for more cybersecurity insights — and actionable advice you can implement today — read our latest Acronis Cyber Protection Operation Center Report, available as a free resource for any organization.