Which trends can help to sustainably plan and improve cyber security? Which developments should cyber security officers keep an eye on in 2023? IKARUS-partner Mandiant, market leader in threat intelligence, has worked out a global forecast for 2023. [1] We have looked at the main topics for Europe.
More Ransomware attacks in Europa
According to Mandiant‘s „Cyber Security Forecast 2023“, Ransomware will continue to take a strong influence on the global cyber security landscape. Europe could soon replace the United States as the region with the most ransomware attacks at present. Indicators show that ransomware activity in the US is tending to decrease and shift to other regions of the world. In Europe, on the other hand, the number is steadily increasing. By 2023, Europe could top the list of most affected regions.
Exacerbated effects of the Ukraine-war
Much of Russia’s cyber activity is currently focused on Ukraine. However, by 2023, Russia could expand its cyber-attacks across Europe. The fact that physical conflicts slow down during the cold season could create more opportunities for Russian cyber threat actors to focus on additional targets – for example, energy supply companies, defence industries, and supply and logistics companies involved in the delivery of goods to Ukraine.
Cyber-attacks on European energy suppliers
Concerns about energy prices and supply in Europe could be taking shape in the form of malicious cyber-attacks. Mandiant security researchers have already seen an increase in phishing campaigns around energy. Ransomware groups are also known for not sparing even hard-pressed sectors – so the experience of healthcare at the start of the pandemic could be repeated in the energy sector. European energy suppliers are also a potential target for state-sponsored threats – for example, against sanctions regimes or against countries that want to reduce their dependence on Russian energy.
Password-free authentication in 2023
The forecast for the spread of password-free authentication also sounds exciting. The theft of corporate data is still one of the main methods cyber criminals use to gain access to victim systems. In addition, there were several examples of attacks in 2022 that also leveraged technologies such as multi-factor authentication. Industry leaders like Apple, Google and Microsoft have agreed to new standards of the FIDO alliance and World Wide Web consortium in order to offer new and secure authentication methods. [2]
Initially, these technologies will focus on password-free resources for end users. Companies can also push new identity platforms that rely on password-free concepts to improve their own security.
This might also interest you:
Cyber Threat Intelligence in practice
Wiper malware: destroying not blackmailing
Secure APIs against unauthorised access and manipulation
Sources: