Virtualization Technology News and Information
WatchGuard Technologies 2023 Predictions: Cybersecurity Challenge


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

2023 Predictions: Cybersecurity Challenge

By Corey Nachreiner, CSO at WatchGuard

In 2023, WatchGuard's Threat Lab team predicts that hackers will try to bypass cybersecurity defenses using new techniques focusing on business processes, identity and artificial intelligence. Today, we're diving into hacks, attacks and how they might affect businesses beyond breaches and data loss. What predictions will come true...only time will tell! 

1.   Insurers Verticalize Their Already Increased Security Requirements 

Both costs and compliance requirements have risen over the past few years, making cyber insurance a huge topic lately. Since offering cyber extortion options, insurers have taken heavy losses, as their initial strategy of paying ransoms drove up their costs. As a result, they have begun passing those increased costs on to their customers and significantly increasing the technical security requirements they ask of customers before insuring them.

While clients are already dazed by the onerous new requirements and the higher cost required to re-up their policies, some verticals will have it more challenging than others during 2023. Verticals that are more attractive targets for cybercriminals will be forced by insurers to adhere to the strictest compliance regulations and bear the highest costs. The most affected industries are also in the headlines due to cyberattacks. For instance, we suspect healthcare, critical infrastructure, finance, and managed service providers (MSPs) will be subjected to more stringent cybersecurity requirements from insurers. Cybersecurity vendors will also be targets of higher prices and requirements. Some insurers might even adopt "approved security vendor lists," only underwriting policies for companies that use a particular vendor's security solution. In the end, you should plan for increased premiums and more hoops to jump through if cyberattackers target your vertical.

2.   Cybersecurity Evaluation and Validation Become a Top Factor in Selecting Vendors and Partners

If you've been paying attention, you're no stranger to the massive spike in digital supply chain breaches over the last two years. A digital supply chain breach is one where a software or hardware insecurity with one of your vendors - either through a product flaw or a violation of their own network -introduces a security hole that opens you or your organization to a breach. Common examples include the SolarWinds and Piriform attacks - where a violation of their networks resulted in attackers booby-trapping popular products like Orion and CCleaner. The Kaseya event is another example; a zero-day vulnerability in the company's popular VSA product exposed customers who used it to conduct a widespread ransomware attack. Those are just three of the numerous digital supply chain incidents over the past couple of years. 

Organizations are increasingly concerned with the security of the partners and vendors they do business with due to the surge of these supply chain attacks. After spending so much time refining their own defenses, it would feel incredibly frustrating to fail due to someone else's security errors. As a result, companies are making a vendor's own internal security practices a crucial part of the decision regarding product and service selection. In fact, vendor validation and third-party risk analysis have even become a new industry vertical, with products that help survey and keep track of the security programs of your outside vendors. In short, during 2023, the internal security of vendors might become a top selection factor for software and hardware products and services - right below price and performance. 

3.   The First Big Metaverse Hack Affects a Business Through New Productivity Use Cases

Despite the controversy, the metaverse has been making headlines lately. Huge companies like Meta (formerly Facebook) and TikTok's parent company, ByteDance, are investing billions into building the connected virtual/mixed/augmented worlds that they believe will become a mainstream part of society in the not-too-distant future. Unfortunately, the virtual reality (VR) metaverse offers excellent new potential for exploitation and social engineering. We already leak a lot of our private data online via mouse and keyboard ‒ now imagine a device with numerous cameras and infrared (IR) and depth sensors that track your head, hand, finger, face and eye movements, too. In addition, consider the device mapping your room, furniture and even your house in 3D as you move around while also tracking things like your laptop keyboard. This happens today if you use a modern VR or mixed reality (MR) headset like the Meta Quest Pro. Now imagine software keeping a historical record of all this tracked data. What could a malicious hacker do with it? Perhaps create a virtual deepfake of your online avatar that can also move and act as you do.

While these potential threat vectors might be five to ten years away, the metaverse can still be targeted today. In 2023, we predict the first big metaverse hack that affects a business will result from a vulnerability in new enterprise productivity features targeting enterprise use cases. Most likely it will be from a well-known threat vector reimagined for the VR future. Near the end of 2022, Meta released the Meta Quest Pro as an "enterprise" VR/MR headset for productivity and creativity use cases. The Meta Quest Pro allows you to create a remote connection to your traditional computer desktop; you can see your computer's screen in a virtual environment and create virtual monitors and workspaces for your computer. It even allows a remote employee to launch virtual (vs. video) meetings that enable you to interact in a more life-like way. Essentially this leverages the same type of remote desktop technologies - like Microsoft's Remote Desktop or Virtual Network Computing (VNC) - that cybercriminals have targeted and exploited countless times in the past.

4.   MFA Adoption Fuels Surge in Social Engineering

Threat actors will aggressively target multi-factor authentication (MFA) users in 2023 as increased MFA adoption requires attackers to bypass these security validation solutions. Confirming what WatchGuard previously predicted, MFA adoption is up six percentage points to 40% this year, according to a Thales survey conducted by 451 Research. This will push cyberattackers to depend more on malicious MFA bypass techniques in their targeted credential attacks. Otherwise, attackers will be unable to target a certain caliber of victim.

We expect several new MFA vulnerabilities and bypass techniques to surface in 2023. However, the most common way cybercriminals will sidestep these solutions is through clever social engineering. For instance, the success of push bombing isn't an MFA failure per se; it's caused by human error. If attackers can trick your users or wear them down with a deluge of approval requests that eventually drive them to click on a malicious link, they don't have to hack MFA. Attackers can also update their adversary-in-the-middle (AitM) techniques to include the MFA process, thus capturing authentication session tokens when users legitimately log in. In either case, expect many more MFA-targeted social engineering attacks during 2023.

As these threats evolve from predictions to potential reality, you must ensure you have the resources and solutions to protect your business and your customers. To learn what other emerging threat trends and security techniques are lurking around the corner and how you can help protect against them, check out the WatchGuard Threat Lab's complete 2023 Cybersecurity Predictions here.



Corey Nachreiner, CSO of WatchGuard Technologies

Corey Nachreiner

Recognized as a thought leader in IT security, Nachreiner spearheads WatchGuard's technology vision and direction. Previously, he was the director of strategy and research at WatchGuard. Nachreiner has operated at the frontline of cyber security for 23 years, and for well over a decade has been evaluating and making accurate predictions about information security trends.

As an authority on network security and internationally quoted commentator, Nachreiner's expertise and ability to dissect complex security topics make him a sought-after speaker at forums such as Gartner, Infosec and RSA. He is also regularly contributes to leading industry publications and delivers WatchGuard's "Daily Security Byte" video Secplicity.

Published Thursday, December 29, 2022 7:38 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2022>