The cybersecurity threat landscape is constantly in flux, with new threats emerging and old ones evolving. Over the past six months we have seen cyberattacks on critical infrastructure affecting industries ranging from transportation to healthcare. Based on activity monitored by Nozomi Networks researchers, we’re also expecting cyber criminals, hacktivists and nation-state actors to continue to hone their skills and evolve their craft for greater success.
Ahead of our upcoming OT/IoT Security Report and related January 25th webinar, here is a summary of the latest cybersecurity threats and attack trends security professionals should prepare to encounter in 2023:
1. Hybrid threat tactics
The lines that once categorized different types of threat actors have blurred, which could significantly changes the threat actor landscape. For example, November’s Continental ransomware attack was launched by hacktivists who used nation-state tactics to cause a physical disruption to railroads. Meanwhile, nation-state threat actors have been leveraging cyber-criminal tactics, such as ransomware, to cause disruption in critical environments. It will become increasingly difficult to categorize threat groups based on TTPs and motives, which have aided in attribution efforts in the past.
2. Quantum cybersecurity threats
As threat actors use the “store now, decrypt later” (SNDL) technique in preparation for quantum decryption, governments are taking steps to defend against this future threat. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released its post-quantum cryptography initiative on July 6, 2022, to prepare and safeguard critical infrastructure companies during this transition. As CISA rolls out this guidance, more companies will shift their focus to safeguarding their data now to reduce the risks of quantum decryption later.
3. Medical device exploits
Many medical devices are susceptible to cyberattacks due to the fact that the legacy systems they are using are no longer being manufactured and/or the software no longer supported. Threat actors use scanners and other types of tools to identify and exploit vulnerabilities in these devices and perform manipulative tactics or even launch cyberattacks. Apart from using scanners to exploit vulnerabilities, threat actors can access medical systems used to aggregate device data for broader analysis and monitoring. This manipulation could lead to malfunctions, misreadings, or even overdoses in automatic release of medication.
4. Cyber insurance inflection point
Cyber insurance is an important part of a comprehensive cybersecurity strategy. However, cyber criminals are conducting reconnaissance on cyber insurance policies and tailoring their ransom requests to match the amount of a cyber insurance payout. This could either cause premiums to significantly increase, or even dry out cyber insurance resources, making it more difficult to file serious claims and receive payouts. Cyber insurance is not a cure for cyberattacks; in fact it could motivate cyber criminals. Companies should invest in cyber prevention, protection, and remediation as a first line of defense.
5. Malicious AI-driven chatbots
ChatGPT is a variant of the Generative Pre-trained Transformer (GPT) language model that is specifically designed to generate human-like text based on a given prompt. While ChatGPT can be used in a variety of applications, such as generating chatbot responses or creating content for social media, it can also be used in social engineering and phishing attacks. For example, a hacker could use ChatGPT to generate a phishing email that appears to be from a legitimate company or individual, complete with personalized greetings and specific details about the recipient. As these systems become more sophisticated, malicious threat actors could use them to write malicious code or develop exploits for vulnerabilities. This could reduce the time it takes to develop targeted threat campaigns, thus increasing the frequency of cyberattacks.
Time to sharpen your cybersecurity skillsets
As the cybersecurity threat landscape changes, organizations will need highly skilled cyber professionals and more advanced cybersecurity solutions to defend against an increasingly sophisticated range of attacks. Cybersecurity professionals need to be able to adapt quickly as new threats emerge and to find new ways to defend their environments.
Join us on January 25th as Nozomi Networks Labs’ latest OT/IoT Security Report Webinar takes a deep look into the current cyber threat landscape to provide insights into how organizations are being target by malicious threat actors.
A Deep Look Into the ICS Threat Landscape
January 25, 2023 | 7:30 AM PST, 10:30 AM EST, 4:30 PM CET
Nozomi Networks Labs’ latest OT/IoT Security Report takes a deep look into the current cyber threat landscape to provide organizations with insights into how OT/IoT are being targeted by malicious threat actors.