In recent months, several noteworthy cybersecurity incidents have occurred, leading to stolen data, compromised accounts and widespread financial losses.
For starters, password managers are under attack. These breaches are particularly upsetting, given that password managers are supposed to help keep credentials under wraps. Unfortunately, even when customer passwords are stored in a locked vault, if hackers gain access to master passwords – the keys to unlock password vaults – they can access multiple accounts.
In recent months, two popular password manager solutions fell victim to hackers:
- LastPass announced a breach in December after learning that an unauthorized user accessed a third-party cloud storage service the company uses to store backups of production data. Although the hackers didn’t get away with any customer data, they stole source code and other technical data from the development environment, then targeted a LastPass employee and used stolen credentials to decrypt cloud-based storage volumes. In this way, they were able to access a backup of customer vault data. While the vault data is also encrypted, LastPass warned customers that hackers may attempt a brute force attack or launch phishing or social engineering schemes against online accounts associated with the vault data.
- Okta confirmed a breach – its third over the course of a year – when a hacker accessed source code after breaching Okta’s GitHub repositories. This attack comes on the heels of being targeted by Lapsus$, an extortion group that breached the account of an engineer at a third-party service provider and publicized screenshots of Okta’s systems and apps. Okta was also compromised over the summer, and more than 100 companies were impacted.
Adding to this threat, ransomware attacks continue to cost companies billions annually, and associated damages are expected to surpass $30 billion globally in 2023. About half of all data breaches start with stolen credentials. For example, hackers infiltrated Royal Mail in January, threatening to publish stolen data. Then a children’s hospital in Toronto, SickKids, was hit by the LockBit ransomware group, who took out many of the hospital’s critical systems and proved that no one – not even sick children – are safe from the fallout of a cyberattack.
With breaches such as these becoming more frequent and severe, knowing what types of threats to watch for and implementing cybersecurity best practices is an absolute must.
Key Predictions for 2023
Following are some insights from security experts on what threats will be most prevalent in 2023:
- Social engineering and phishing attacks are the biggest threat. According to the CS Hub Mid-Year Market Report 2022, 75% of survey participants say that social engineering and phishing are their biggest cybersecurity concern. In fact, hackers used social engineering to help them commit at least 20% of successful data breaches in 2022. Once criminals obtain credentials using these methods, they can infiltrate corporate networks and launch a ransomware or malware attack with ease.
- The “Deep fake” tactic is gaining traction among hackers: Yahoo Finance reports that deep fake content – computer-generated visual content intended to convince viewers of an event or action that never happened – shot up 400% since 2021. Use of fake audio and video in cybercrime is increasing, as well.
- DDoS and “hacktivism” will ramp up: In just the second half of 2021, DDoS attacks shot up by 203%, and 60% more attacks occurred during the first six months of 2022 than in all of 2021. This increase accompanied a spike in so-called “patriotic hacktivism” – breaking into a computer system or network for social or political reasons. As political tensions heat up globally, this trend is likely to intensify.
- Critical infrastructure is at stake: According to the FBI, 649 ransomware attacks were launched against U.S. critical infrastructure, taking government websites offline. Such attacks put everyone at risk, threatening to take down the systems our nation relies upon for communication and survival.
- Cybersecurity spending will increase. According to ESG research, over half (53%) of organizations intend to boost IT spending this year. But even those who aren’t increasing spending will be reallocating funds to fighting cybercrime, as 65% of organizations intend to increase spending on cybersecurity.
These predictions foreshadow doom and gloom for organizations that don’t have the proper tools and practices in place – and now’s the time to take action.
Cybersecurity Best Practices to Prioritize
Here are some best practices you can implement to protect your organization against cyber attacks in the coming year:
- Encourage cultural change. Given the nature of today’s attacks, it’s critical to understand that cybersecurity is everyone’s responsibility. Implement employee training to ensure everyone understands how to identify and report suspicious emails, texts, phone calls and websites, to minimize the threat of social engineering and phishing attacks. Follow best practices for creating and protecting passwords – don’t simply rely on password management software, as it can also be hacked.
- Trust no-one. Zero-trust cybersecurity strategies will replace traditional approaches such as virtual private networks to allow scalability while protecting organizations against threats. This multi-tiered approach follows the motto, “never trust, always verify,” and features continuous, permission-based authorization and access to business-critical resources. This approach encompasses Just-in-Time (JIT) security and aligns with DevOps practices, contributing to a robust DevSecOps posture. Granting access to applications and systems on an as-needed basis minimizes the risk of attackers exploiting employee privileges.
- Keep all of your hardware and software updated. Outdated technology introduces vulnerabilities that open the door for cybercriminals. Being able to detect, recognize and identify all connected devices enables IT security teams to maintain a complete and accurate technology asset inventory, and properly manage the attack surface. They can then enrich this information with additional data, such as patch status, vulnerability exposure, End-of-Life (EOL) and End of Service Life (EOSL) information, security compliance and more. Solutions that provide access to this information via pre-built and customizable dashboards are invaluable for helping to maintain a robust security posture.
An Essential Building Block for Cybersecuirty
As the cybersecurity landscape continues to evolve, so will technologies for identifying vulnerabilities and threats, strengthening security and reacting swiftly to threats and breaches. By providing accurate, granular information about technology devices and the software that runs on them – an essential building block for EDR, XDR, NDR, SIEM, ZTNA and CAASM – Lansweeper enables technology partners to protect customers from the danger and the potential damage of an attack.
For more information about embedding Lansweeper into your technology offerings, visit our product pages or contact us to explore use cases for your organization.
