It does so in a report presented on the occasion of International Safer Internet Day

Entelgy Innotec Security analyses cybersecurity risks and trends in 2023

Updated: 08/02/23

Cybercrime as a service that can be hired, the devastating effects of triple extortion with ransomware, phishing hidden in QR codes, automated attacks with artificial intelligence or the sophistication of attacks and some malware families are some of the dangers detected by Entelgy Innotec Security experts for this year. All of them are included in the report "Cybersecurity: risks and trends 2023", presented by the company on the occasion of the international Safer Internet Day.

On 7 February, International Safer Internet Day, Entelgy Innotec Security published its annual report "Cybersecurity: risks and trends 2023". In it, the company's experts list the numerous threats that we will have to face in the coming months, some of them inherited from 2022, and which will gain strength and force organisations to redouble their efforts to prevent information leaks and ensure that attacks do not affect the continuity of their business. Other threats, less known so far, will increase their damaging potential, so it will be necessary to anticipate them and to better understand the techniques, tactics and procedures used by cyberattackers.

These are some of the main cyberthreats:

Strengthening cybercrime for hire: tools to perpetuate cybercrime are also bought and sold, so it is no longer necessary to have cybersecurity expertise to create or use them. Ransomware, phishing and distributed denial of service (DDoS) attacks will be available on an 'as a service' basis. In addition, we will find highly specialised cybercriminal groups, which will ensure the creation of much more robust and sophisticated "tools", the result of the work of real experts. By far and away one of the biggest threats is LockBit, a family of ransomware, developed by the Bitwise Spider group, which in 2022 alone perpetrated more than 700 successful cyberattacks worldwide.
The triple extortion in ransomware. It represents a further twist on ransomware attacks. In this way, cyberattackers gain access to an organisation's systems through different techniques, deploy malware that locks the victim's computers and systems, encrypting them and demanding a ransom to provide the decryption key (a payment usually requested with cryptocurrencies or credit cards). Subsequently, if the ransom is not paid, they threaten to publish the stolen information, with the consequent reputational crisis for the organisation that is the victim of the attack. As if this were not enough, they also blackmail the clients or contacts whose data has been exfiltrated. Finally, and this would be the third extortion, attackers threaten a denial of service attack, DDoS, by sending a multitude of requests to the targeted web resource with the intention of overflowing it and causing it to crash its service.
Change in the use of frameworks, tools that are used to perform intrusions in a simple way, in just a few clicks, at low cost and that allow cybercriminals to remain undetected. The most widely used is still Cobalt Strike, but it is already well known to security teams, while other new alternatives go more unnoticed by them, which encourages their use.
Artificial intelligence and chatbots are already part of our daily lives. Given their reach, we cannot ignore the potential consequences of future automated attacks with artificial intelligence. We will have to deal with malware acting on its own in an automated way and operating with almost no human control.
On the other hand, the human factor will continue to be the main vector for cybercriminals to gain access to organisations' sensitive information, so awareness will be crucial, as will investment, which will put organisations ahead of their threats. In this respect, Qrishing (phishing hidden in QR codes), a phishing technique that will become more relevant in 2023, is worth mentioning.

Being prepared to respond to today's threats, and those to come, requires a comprehensive cybersecurity strategy. In this regard, health-conscious companies will increasingly turn to third-party managed security services, which will enable them to address their cyber security and reduce costs. In addition, these services can facilitate the profile of the virtual CISO, who will be responsible for the security of a company's information without being a permanent employee.

On the other hand, maximising security on a continuous basis, minimising costs and risks, will be achieved by contracting intelligent SOC services (Advanced Security Operations Centre). They represent a competitive advantage for companies, as they enable them to carry out continuous identification, protection, detection, response and recovery tasks. In the medium and long term, the creation or contracting of this type of service will be promoted.

Finally, Entelgy Innotec Security offers a series of cybersecurity recommendations in its report, recalling that prevention and awareness will always be essential to avoid these risks and threats.