
Cybersecurity in 2023: Forescout’s top five predictions revealed

by Staff GBAF Publications Ltd



With the end of 2022 fast approaching, Forescout’s research team, Vedere Labs, has looked ahead to what the cybersecurity landscape will look like next year.

Here are the top five predictions for 2023, as shared by Daniel dos Santos, Head of Security Research at Vedere Labs.

Ransomware groups will expand into more IoT devices and continue evolving their extortion campaigns

Cross-platform ransomware is now the norm, several groups have shown the profitability of attacks leveraging IoT devices (e.g. Lorenz on VoIP, Conti on routers and DeadBolt on NAS), and organisations have increased protections on their IT networks. As a result, the stage is set for an explosion of ransomware attacks using these devices for initial access or impact.

Threat actors will focus on exposed devices with a weak security posture (e.g. default/weak credentials and easy-to-exploit vulnerabilities) for initial access into organisations and on critical devices for impact and new extortion techniques.

Probable favourite targets will be IP cameras and VoIP systems. We could also see the emergence of Initial Access Brokers (IAB) specialising in IoT access.

Hacking groups that appeared or became more active during the war in Ukraine will continue to act, regardless of what happens with the war

The war in Ukraine brought a lot of hacking groups to the scene or made groups that already existed focus on politically-motivated attacks.

Regardless of whether the war continues or ends, these groups will remain active. The people who gained offensive skills, and the groups that formed, will continue attacking politically-motivated targets or transition into the cybercriminal underground for financial gain.

State-sponsored actors will continue to expand their arsenal with new sophisticated malware

2022 has seen the emergence of state-sponsored ransomware, the use of wiper malware on satcom modems and out-of-band management technology, as well as new OT/ICS-specific malware.

In 2023, state-sponsored actors will continue to expand their arsenal and target other types of devices in espionage or disruption campaigns.

Medical device cybersecurity challenges will persist

On September 12, the FBI released a private industry notification about a growing number of vulnerabilities in medical devices that can be exploited by threat actors to ‘impact healthcare facilities’ operational functions, patient safety, data confidentiality and data integrity.’

This notification came after the discovery of significant vulnerabilities this year, affecting medical devices, such as infusion pumps, medication dispensing systems and electrocardiographs. It also follows a wave of ransomware attacks that have targeted healthcare organisations over the past few years, some of which have rendered medical devices unusable.

The challenges with medical device security – long lifespans, difficulty in patching and customised software/firmware – will remain.

2023 could also be the year where we see attacks not only spill over to medical devices, but actually target them (potentially their insecure-by-design features as in OT), although it would require specific attacker motivation to purposefully target devices that could directly harm people. 

Attacks on critical infrastructure will continue to increase

2022 saw dozens of notable attacks on utilities and critical infrastructure organisations, either directly targeting OT or via ransomware starting on the IT network.

These types of attacks will continue in 2023, with ransomware being the most popular type of attack. In many cases, ransomware gangs are refraining from encrypting data on critical infrastructure, instead resorting to exfiltration and extortion.

Next year, some of this leaked data, which often contains sensitive OT data, could be used for disruptive OT attacks by other groups with different objectives than financial gain.

The cybersecurity space will undoubtedly continue to evolve next year, at the same rapid pace we’ve experienced this year. IoT devices, especially IP cameras and VoIP systems, will be particularly compromised, as will medical devices. At the same time, ransomware will pose an even greater threat to utilities and critical infrastructure organisations, further compromising the IoT device space. Meanwhile, state-sponsored ransomware will cause widespread disruption and the activity of hacking groups will proliferate.

Every organisation must stay alert to the areas outlined above and keep security top of mind. Otherwise, they run the risk of bad actors exploiting vulnerabilities. Above all else, they must heed the fact that no business, irrespective of industry or location, is immune from the growing threat of a successful cyberattack.