Total Tests:
Blog Filters Reset
By Incident
By Jurisdiction
Show More

Top 10 Cybersecurity Predictions for 2023

ImmuniWeb presents you a compilation of the most relevant, novel and non-obvious predictions for application security and cybercrime in 2023.

Monday, January 16, 2023

Views: 9.2k Read Time: 3 min.

Top 10 Cybersecurity Predictions for 2023

APIs will be the next attack vector

As API usage grows year-over-year, so does the associated risk, CrowdStrike warns. APIs connect critical data and services, which makes them a valuable target for cyber criminals. 2022 saw multiple high-profile API-related security incidents, and this trend is expected to accelerate into 2023. That’s why security teams should pay attention to all APIs in an organization’s environment, including undocumented (shadow) APIs as well as unused/deprecated APIs that have not been disabled.

Cloud-native breaches will rise

A 2022 research showed that nearly 50% of all data breaches was related to cloud security incidents. Experts at Solvo predict that 2023 will see a rise in native cloud breaches, as organizations increasingly migrate parts or entire infrastructures that hold a lot of valuable data to the cloud, making it a lucrative target for cybercriminals.

Credential-stealing attacks will continue to rise

Threat actors will continue to use large caches of leaked or stolen credentials to devastating effect, IBM says. While many consumers and companies are gradually migrating to more secure authentication methods like password managers, passwordless and hardware identity tokens, the vast majority of users continues to reuse credentials or variations of credentials between environments, systems or websites. In 2023, the experts predict, there will be more attacks against legacy second-factor authentication (like SMS and push-based MFA solutions). Phishing and other attacks seeking to steal authentication tokens are also expected to increase.

Open source software libraries will become the primary target

Over the past few years, there has been a rise in incidents involving open-source software libraries. Although many apps and services are built using open-source software (70-90% of any piece of modern software includes open source code), only a few organizations have a clear understanding of what libraries they use. As defenders improve the “perimeter” of applications (i.e., public-facing web apps and APIs), threat actors will naturally look toward other vector, such as the use of third-party code, libraries, and services within an application, F5 warns.

Ransomware is not going anywhere

While ransomware is not a new risk, ransomware attacks continue to rise globally. In fact, 2022 saw more than a 130% increase in ransomware incidents, and this year is expected to be even more taxing for defenders due to threat actors adopting Artificial Intelligence technologies to improve the speed and accuracy of their attacks targeting critical infrastructure and supply chains, Microsoft predicts.

On the contrary, Venafi believes that cybercriminals will move on from ransomware to other revenue generators like trading stolen machine identities on Dark Web marketplaces for a high price. Hacker groups like Lapsus$ regularly use code signing machine identities to launch devastating attacks, and their value will only increase in 2023.

Sophisticated firmware attacks will become more widespread

Previously, firmware attacks were only observed in sophisticated APT (Advanced Persistent Threat) groups and nation states, however, over the past year there’s been a growing interest among the cybercrime community in tools that allow to hack BIOS passwords, rootkits and trojans targeting device BIOS (Basic Input/Output System) and UEFI (Unified Extensible Firmware Interface). Firmware rootkits are already available on cybercrime marketplaces for a few thousand dollars, and the number of such tools is expected to grow. With this in mind, organizations should take control of firmware security and ensure they are protected from such attacks.

Identity and authentication attacks will remain a constant threat

In 2023, identity- and authentication-related attacks will continue to be one of the major cyber threats for organizations, the internet giant Google predicts. Such attacks do not usually require stellar hacking skills and can be used by relatively unsophisticated criminals to breach an organization using stolen credentials obtained in the cybercriminal underground. As a result, platform makers will be pressured to help consumers and enterprises defend against malware that steals those credentials.

Threat actors will use novel programming languages to fly under radar

Hackers will shift from using common programming languages like Python to less used languages like Rust that cyber security products aren’t designed to detect, making it harder for security teams to spot an attack, according to Skybox Security. And this is a serious risk, as many organizations today fail to implement adequate cybersecurity measures that detect and prevent basic attacks, let alone attacks built on uncommon languages.

Insider risk will increase as hackers target trusted employees

A recent report shows that insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million, and, it seems, 2023 will be no better. In fact, experts predict that insider threat risks will only increase, with threat actors attempting to coerce and extort otherwise trusted insiders to commit malicious acts.

Cyberwar and geo-political tensions will put new emphasis on national security

The ongoing Russo-Ukrainian war and growing geo-political tensions will place new emphasis on critical industries and national security, leading to more strict security requirements and restrictions, Microsoft says. The company expects an increase in military-coordinated cyber-attacks, and a continued growth of conflict in cyberspace. Furthermore, Iran is also becoming more belligerent with its destructive attacks, and other nations’ cyber-espionage activity is increasing.

What’s next:

Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law.
Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential