2023 Forensic Predictions

We have three predictions for the cyber attacks that we think will be the most prevalent in 2023.

Heff

In 2023, we've got three predictions that we'd like to discuss:

1. Increased Phishing Sophistication

The first prediction is an increase in the sophistication of phishing.

Last year, a major company was breached about every week, let alone the numerous cases of small businesses falling for phishing. Some of these breaches even came from teenagers tricking these large organizations by utilizing sophisticated phishing attacks.

For example, one phishing technique we’ve recently seen become more relevant is phishing emails that send requests through electronic signature tools. Once you click on what you believe is a form to fill out or sign, you are taken to a blank image. That blank image has malware embedded in it, enabling malicious attackers to gain control of the network.

Even if these applications make changes to stop these attack vectors, bad actors will pivot and try other methods to send out phishing emails, such as utilizing AI technology to help craft phishing emails.

Another example is bad guys targeting call centers. They impersonate a customer trying to set up an account and, after being unsuccessful, send a screenshot to a support agent, only for the screenshot to contain malware that gets uploaded to the support agent’s computer and the corporate network.

Another trend that’s increased is SMS phishing or smishing. This is where your text messages are being used against you, with attackers trying to get access to automatic two-factor authentication codes that come up in text messages. But if your phone has been compromised via one of these previous methods, attackers will be able to access the code before you do.

2. Mobile Attack Surface Increases

Mobile attack surfaces will continue to increase. There is a plethora of phone apps, from banking apps to retail apps to social apps, all of which are capable of using a web view. If an attacker can launch and hijack the JavaScript, they can instigate a number of attacks. For instance, if the app pulls up a URL, hackers can conduct overlay attacks, where they mimic your bank’s login portal or create a form that goes right over the top of your website’s checkout form, allowing them to steal your customers’ sensitive information.

Much of this issue is the attack surface itself: you have all of these apps, but no method to filter or detect spam is either turned on or natively enabled.

You also have incoming messages being displayed regardless of the content on mobile phones.

You need to focus on cybersecurity due diligence and your user security awareness because even with all the technical controls in place, these phones can be an easy gateway into your business. Previously, these mobile browsers were put in a sandbox, which made it difficult for third-party code to be injected into these sandboxed apps.

But now with web view, these attackers will continue to target the web view browser.

We recommend that if you don’t need an app on your phone, get rid of it. If you do keep an app on your phone, you need to update it regularly.
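One defensive measure against the web view overlay scenario described above is to let the web view load only the app's own HTTPS origins. The following is an added example, not code from the original article; it assumes the app routes every navigation request through a check like this, and the host names and sample URLs are constructed.

```javascript
// Added example: gate every web view navigation through an exact-origin allowlist.
// ALLOWED_HOSTS and all sample URLs below are constructed for illustration.
const ALLOWED_HOSTS = new Set(["bank.example", "checkout.shop.example"]);

// Decide whether the web view may load rawUrl. Returns { allow, reason }.
function checkNavigation(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG URL parser, the rules browser engines follow
  } catch {
    return { allow: false, reason: "unparseable" };
  }
  // HTTPS only: rejects javascript:, data:, file: and cleartext http: loads.
  if (url.protocol !== "https:") return { allow: false, reason: "scheme" };
  // "https://bank.example@evil.example" hides the real host behind userinfo.
  if (url.username || url.password) return { allow: false, reason: "userinfo" };
  // Non-default ports are not part of the app's own origins.
  if (url.port !== "") return { allow: false, reason: "port" };
  // Exact match on the parsed hostname (lowercased, IDNs converted to punycode);
  // no substring or suffix tests, so "bank.example.evil.example" fails.
  if (!ALLOWED_HOSTS.has(url.hostname)) return { allow: false, reason: "host" };
  return { allow: true, reason: "ok" };
}

// Constructed navigation requests: the first two are legitimate, the rest are look-alikes.
const SAMPLES = [
  "https://bank.example/login",
  "https://checkout.shop.example/pay",
  "https://bank.example@evil.example/login",
  "https://bank.example.evil.example/login",
  "https://b\u0430nk.example/login", // Cyrillic "a" homograph
  "http://bank.example/login",
  "javascript:void(0)",
  "https://bank.example:8443/login",
];

// Run the check over every sample and return the decisions.
function auditSamples() {
  return SAMPLES.map((u) => ({ url: u, ...checkNavigation(u) }));
}

for (const r of auditSamples()) {
  console.log(`${r.allow ? "ALLOW" : "BLOCK"} (${r.reason}) ${r.url}`);
}
```

Blocked navigations are worth logging, since a burst of look-alike hosts is a useful signal that a web view is being targeted.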

3. Dev Environment Risk

Many recent breaches have actually come from the development environment. This is because developers are looking for ways to speed up production, testing, and deployment, looking for more methods to automate code. Developers are likely dealing with increased pressure to launch new products to the market as fast as possible. Often this speed comes at the cost of security.

Cyber hygiene and a robust security posture have never been more important. The dev attack surface is only going to grow, and bad guys are starting to figure this out. Recently, we’ve seen attackers looking for backdoors that will allow them access to the dev environment.

Beyond backdoor vulnerabilities and active former DevOps accounts and credentials, third parties or contractors open up security vulnerabilities to organizations. For example, impersonation attacks that compromise dev tools and code libraries will continue to be a huge security issue, such as with clipper malware, which hijacks a user’s clipboard data.

Conclusion

The most important thing that organizations can do to prevent data breaches is to follow basic, fundamental security protocols. Get compliant with the PCI standard and then continue to pursue a mindset and culture of security. The PCI standard is great at covering the bare minimum that your organization will need to stay secure, but it takes a much more proactive approach to really secure your organization.

Especially with ever-changing technology, having a mindset of security is the smartest approach because it will help you adjust to new threats as they come up.
