With the evolution of technology such as artificial intelligence and quantum computing, the risk of cyberattacks for businesses rises every day. The consequences of attacks can be severe for companies, damaging their reputation and hitting them in the pocket.
In reaction to the growing cyber threat, governments, regulators and insurers are taking steps to prevent cyberattacks from causing breaches.
Financial intelligence company Moody’s has highlighted what it thinks are the biggest cyber threats facing businesses in 2023.
Ransomware attacks will shift away from the US
While the United States continues to be the target of most cyberattacks, US sanctions have prevented payments to several ransomware groups based in Russia, North Korea, and Iran.
The US government has also intensified pressure on hacking gangs via penalties, arrests, and cryptocurrency seizures, and hackers are broadening their assaults to encompass targets in other countries.
As a result, Moody’s believes this cyber threat is growing for businesses in other parts of the world. Ransomware gangs have already reacted by shifting their focus to other places, such as Europe. In the first half of 2022, there were 63% more attacks on European organisations than in the previous six months.
Scrutiny from governments and regulators will increase
Regulators around the world are likely to put the cybersecurity provisions of businesses under the microscope in 2023, Moody’s says, with incident disclosure requirements set to be toughened up.
The EU enacted the Cyber Resilience Act in September 2022, which includes stricter cybersecurity regulations for Internet of Things (IoT) devices and hefty fines for software developers that break the new laws. Now, companies must demonstrate compliance with important cybersecurity safety standards, which is likely to increase costs for device manufacturers and service providers.
In the aftermath of the 2021 ransomware attack on Colonial Pipeline company in the US and the Russian invasion of Ukraine, regulators have strengthened reporting requirements, with a focus on cyberattack resilience. For instance, enhanced disclosures on incident reporting and cyber risk monitoring by registered businesses are essential.
The US Securities and Exchange Commission wants to see tougher rules around compulsory public disclosures of cyberattacks. As well as offering greater transparency to customers, this would enable governments to get a better handle on the magnitude of cyber dangers and adjust their policies accordingly.
Incident disclosure can help other companies prepare for similar attacks or identify malicious activity on their networks. Agencies such as the US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre gather cyber reports from targeted organisations, examine patterns, and use this to provide support to businesses in managing cyber risks.
Passwordless technology will provide a powerful cyber defence, but adoption will be slow
To protect against cyber threats such as credential-stealing attacks, organisations will look to move away from passwords in favour of novel identification technologies, Moody’s believes.
One novel authentication method that is gaining popularity is the Fast Identity Online (FIDO) protocol. By using public key cryptography that is connected to the devices themselves, users of the FIDO protocol will be able to sign in to internet services (such as social media). In this situation, passwords would not be necessary.
It will take some time before FIDO passkeys and other similar technologies become regularly used to prevent password and data breaches, Moody’s explains, since applications and websites need to be updated to support them, and many devices will only accept password-based logins.
Hacktivism will intensify and deepfake-enabled fraud will rise
Hacktivism first emerged in the late 2000s, with groups like the Anonymous collective using low-grade distributed denial of service (DDoS) attacks to target well-known websites for political or social reasons.
It has returned with a vengeance in recent years, and Moody’s predicts more hacktivists will be active in 2023.
Recent hacktivist campaigns have included a DDoS attack on the Minneapolis Police Department after George Floyd’s murder in 2020. Compared to the Anonymous group, this was a more advanced attack. The cybersecurity company Check Point claims that hacktivism has evolved into a well-planned, intelligent, and organised movement that has occasionally resulted in attacks on powerful institutions like governments and corporate entities.
According to Mandiant, a Google security business, Russian hacktivist organisations collaborated with the GRU, Russia’s military intelligence agency, during the Ukraine crisis.
Mandiant published fresh material in September 2022 that indicates four instances in which GRU intrusions appear to have been coordinated with the activity of three well-known hacktivist organisations. The pro-Russia hacktivist organisations are CyberArmyofRussia, Infoccentr, and XakNet Team. GRU-linked hackers planted wiper software on victims’ PCs during each assault in order to disrupt networks and collect data. The gangs were found within 24 hours of disseminating the stolen data from the assaults.
Hacktivism is now better organised and better functioning, as is deepfake technology. Both are becoming more convincing, more believable and harder to avoid.
Deepfakes employ deep learning artificial intelligence to create fake images, audio or video. They could be used to damage an organisation’s reputation or to steal large sums of money. This is due to the increasing threat of deepfake attacks. In recent years, deepfakes have often been used to strengthen business email compromise (BEC) assaults.
Both of these problems fall under the umbrella of BEC fraud, also known as funds transfer fraud, which occurs when a con artist deceives a company into transferring money to them. It is the main cause of cyber-related financial loss.
Demand for cyber insurance will outweigh supply
Businesses must be increasingly cautious regarding their exposure to cyber risk as attacks become more sophisticated. With growing premiums and stricter restrictions, this has led to a boom in the market for cyber insurance.
Munich Reinsurance Company projects that the market will grow to $22bn by 2025 from around $9.2bn at the beginning of 2022 as a result of the growing need and demand for coverage.
However, Moody’s says businesses that offer cyber insurance are struggling to keep up. Insurers were obliged to restrict the scope of their cyber coverage and limit their conditions due to the projected increase in demand in 2020 and 2021. Some insurance firms have instituted coinsurance, which compels policyholders to split the cost of a claim, while many have cut the cyber policy limits.
Even the most basic cyber insurance is now more challenging to get due to increased underwriting standards. As a result of the additional criteria, certain companies with insufficient insurance and insufficient funding now run the danger of losing their ability to be insured. The market is likely to become more complex for tech companies in 2023.