Threat landscape insights and predictions for 2023

Kaspersky, the cybersecurity company, has shared the evolution of the digital threat landscape in the Middle East, Turkey and Africa (META) region and worldwide.

At the company’s annual Cyber Security Weekend – META, which took place in Jordan, its executives discussed various topics and threats specifically facing enterprises, businesses and industrial organisations. It also shared threat predictions for the upcoming year.

A special focus was made on security for emerging technologies, such as robotics, internet-of-things and critical industry-specific threats.

According to Kaspersky Security Network statistics, about every third user in the META region was affected by online and offline threats from January-September 2022.

Focusing on the Middle East, Qatar had the highest number of users affected by online threats, followed by Bahrain, Saudi Arabia, UAE and Kuwait. Fewer users were affected in Egypt and Jordan.

The highest numbers of offline threats in the Middle East were reported in Egypt, Qatar and Jordan.

Meanwhile, Bahrain, UAE, Kuwait and Saudi Arabia had the lowest numbers of affected users in the Middle East by local threats.

“Today’s hyper-connected world requires us to reconsider the way we do cybersecurity. We need to shift toward a more reliable approach – one with no room for error. This is why we’re working on developing cyber immune products with ‘innate’ protection against cyberthreats. Most attacks on the cyber immune systems are ineffective. It’s through events like this one in Jordan that we’re able to share our innovations and educate our audience about a safer and more resilient digital world where cyber immunity is the new norm,” said Eugene Kaspersky, CEO of Kaspersky.

2023 predictions – What’s next?
The 2023 forecast is based on Kaspersky expertise and the activity witnessed this year while tracking more than 900 APT groups and campaigns.

The next WannaCry and drones for proximity hacking. Kaspersky researchers believe the likelihood of the next WannaCry happening in 2023 is high. One potential reason for an event like this occurring is that the most sophisticated threat actors in the world are likely to possess at least one suitable exploit, and current global tensions greatly increase the chance that a ShadowBrokers-style hack-and-leak could take place.

Other advanced threat predictions for 2023 include:

SIGINT-delivered malware. One of the most potent attack vectors imaginable, which uses servers in key positions of the internet backbone, allowing man-on-the-side attacks, may come back stronger next year. While these attacks are extremely hard to spot, researchers believe they will become more widespread and will lead to more discoveries.

The rise of destructive attacks. Given the current political climate, Kaspersky experts foresee a record number of disruptive and destructive cyberattacks, affecting both the government sector and key industries. It is likely that a portion of them will not be easily traceable to cyberattacks and will look like random accidents. The rest will take the form of pseudo-ransomware attacks or hacktivist operations to provide plausible deniability for their real authors. High-profile cyberattacks against civilian infrastructure, such as energy grids or public broadcasting, may also become targets, as well as underwater cables and fiber distribution hubs, which are challenging to defend.

What #cybersecurity threats await us in 2023?

From #DeepFakes to #semiconductor shortages to #ransomware, the experts weighed in.

Check it out ? https://t.co/xkIlflmKd8 pic.twitter.com/ew7dYkMEtA

— Kaspersky (@kaspersky) November 19, 2022

Mail servers become priority targets. Mail servers harbor key intelligence, making them valuable to APT actors, and have the biggest attack surface imaginable. The market leaders in this industry have already faced exploitation of critical vulnerabilities, and 2023 will be the year of 0-days for all major email programmes.

APT targetting turns toward satellite technologies, producers and operators. There is evidence of APTs being capable of attacking satellites, with the Viasat incident as an example. It is likely that APT threat actors will increasingly turn their attention to the manipulation of, and interference with, satellite technologies in the future, making the security of these technologies ever more important.

Hack-and-leak is the new black. The new form of hybrid conflict that unfurled in 2022 involved a large number of hack-and-leak operations. These will persist in the coming year with APT actors leaking data about competing threat groups or disseminating information.

More APT groups will move from CobaltSrike to other alternatives. CobaltStrike, a red-teaming tool, has become a tool of choice for APT actors and cybercriminal groups alike. It has gained significant attention from defenders, making it likely that attackers will switch to new alternatives such as Brute Ratel C4, Silver, Manjusaka or Ninja, all offering new capabilities and more advanced evasion techniques.

Read: Kaspersky opens new office in Saudi Arabia