By Joseph Carson, Chief Security Scientist & Advisory CISO, Delinea
As 2023 draws to a close, it’s time to reflect on the significant developments in cybersecurity over the past year. This year has been marked by both a continuous escalation of cyber threats as well as innovation and improvements in cybersecurity technology. Specifically, there have been notable advancements in Cloud Security, modernization of Privileged Access Security, an authentication evolution with Passkeys, and improved API Security. Here’s a review of the milestones that 2023 offered.
Ransomware Continues to Cause Disruption
Ransomware has continued to evolve into a persistent and highly disruptive cyber threat, causing chaos and widespread damage across the digital landscape. Despite significant efforts to combat this menace, 2023 has seen ransomware attacks continue to escalate, affecting individuals, businesses, and even critical infrastructure. Ransomware remains a significant threat and the evolving tactics employed by cybercriminals have resulted in major organizations becoming victims of ransomware, costing them tens of millions of dollars.
Some governments have stepped up efforts to crack down on ransomware gangs, leading to arrests and prosecutions. Unfortunately, some governments continue to provide safe havens for cybercriminals to operate beyond the reach of authorities.
One evolution in ransomware is that cybercriminals are looking to stay stealthy and hidden, meaning the older tactics of encrypting data and demanding a ransom have changed. Cybercriminals are focusing on data theft and not causing business disruptions or downtime, and demanding the ransom for not disclosing the security incident or disclosing sensitive data on the public internet. This way the victim does not get the public attention from disruptive ransom techniques and makes it easier to make payments to the cybercriminals without the public visibility. This just might be one of the reasons why ransomware is not making the news as often as it was in previous years.
In the past year the targets of ransomware gangs have also evolved to focus on countries with less cyber capabilities and fewer laws around ransomware payments.
Some other 2023 evolutions in ransomware include:
The Cloud’s Unstoppable Rise
Cloud computing continues to shape the modern business landscape, with organizations increasingly relying on cloud services and infrastructure. This transition has not gone unnoticed by cybercriminals. In 2023, we witnessed an uptick in cloud-based cyberattacks targeting misconfigured cloud resources and insecure APIs. These breaches highlighted the importance of implementing robust cloud security measures, including access controls, encryption, and continuous monitoring.
Cloud services offer enhanced cybersecurity through expert security teams, scalability, and redundancy. They provide strict access controls and handle regular updates. However, they can pose challenges related to data privacy, potential data breaches, compliance, provider dependency, and the shared responsibility model. Implementing cloud security measures may also incur additional costs. Careful consideration of these factors is essential for organizations evaluating cloud service adoption.
Increased Threats to Critical Infrastructure
The cybersecurity community was alarmed by the increasing threats to critical infrastructure, including power grids, water treatment plants, and transportation systems. Ransomware attacks on these systems and their suppliers underscore the importance of securing privileged access to critical infrastructure assets.
Protecting these systems requires a comprehensive Privileged Access Management (PAM) strategy that ensures only authorized personnel can control, manage, and monitor critical components.
The Era of Passkeys and Passwordless Authentication
2023 marked a turning point in authentication methods. Passkeys, also known as WebAuthn or FIDO2, gained prominence as a more secure and convenient alternative to traditional passwords. These passkeys can be hardware tokens, biometric identifiers, or mobile devices, reducing the risk of phishing and credential theft.
Many organizations started implementing passwordless authentication as a way to enhance security and improve the user experience. The more we move passwords into the background and the less humans need to interact with them, the better and safer our digital world will become.
Another major development was Google announcing that they would be making passkeys the default sign-in option across Google accounts, so users are no longer required to remember or choose passwords. This is a massive step in improving security in the authentication process.
Rise in API-Related Attacks
APIs have become the backbone of modern applications, facilitating communication between different software components and services. However, they also serve as a prime target for cyberattacks.
In 2023, we observed a surge in API-related security breaches, with attackers exploiting vulnerabilities in API endpoints to gain unauthorized access to data and systems. Ensuring API security through regular testing, monitoring, and access controls became a top priority for organizations.
As we look ahead to 2024, it’s clear that cybersecurity will remain a top priority for organizations and governments worldwide. The evolving threat landscape demands constant vigilance, and adaptation to emerging risks. Developing and implementing proactive cybersecurity strategies will be critical to staying ahead of cyber adversaries and safeguarding digital assets in the years to come.
2024 Predictions
AI-Driven Attacks and Defenses: Cybercriminals will increasingly use artificial intelligence (AI) to automate and enhance their attacks. In response, cybersecurity defenses will rely more on AI and machine learning for threat detection and automated incident response, creating a continuous battle of algorithms.
Increased Demand for Cyber Insurance: The demand for cyber insurance will surge as organizations recognize the financial risks associated with cyberattacks. Insurance providers will refine their offerings and assess premiums based on cybersecurity maturity.
Geopolitical Tensions in Cyberspace: Geopolitical tensions will continue to spill over into cyberspace, leading to nation-state-sponsored cyber espionage and disruptive attacks. Cybersecurity professionals will need to monitor and respond to evolving geopolitical threats.
AI Compliance Accelerates: In 2024, the landscape of cybersecurity compliance is expected to evolve significantly, driven by emerging technologies, evolving threat landscapes, and changing regulatory frameworks. Privacy regulations like the GDPR and CCPA have set the stage for stricter data protection requirements. We can expect more regions and countries to adopt similar regulations, expanding the scope of compliance requirements for organizations that handle personal data.
Artificial intelligence and machine learning will play a more prominent role in cybersecurity compliance. These technologies will be used to automate threat detection, analyze vast datasets for compliance violations, and provide real-time insights, making it easier for organizations to stay compliant.
Passkeys Pave the Way for Passwordless Authentication: Multi-Factor Authentication (MFA) will become a standard requirement for most online services and applications. Traditional methods like SMS-based MFA will decline in favor of more secure options, such as time-based one-time passwords (TOTP) generated by authenticator apps. The move toward passwordless authentication will continue, reducing reliance on traditional passwords. Methods like passkeys, biometrics, hardware tokens, or public-key cryptography will replace or supplement passwords for access to accounts and systems.
