Tag Archive for: predictions

Naked Security 33 1/3 – Cybersecurity predictions for 2023 and beyond – Naked Security

/in


It’s the last regular working weekday of 2022 (in the UK and the US, at least), in the unsurprisingly relaxed and vacationistic gap between Christmas and New Year…

…so you were probably expecting us to come up either with a Coolest Stories Of The Year In Review listicle, or with a What You Simply Must Know About Next Year (Based On The Coolest Stories Of The Year) thinly-disguised-as-not-a-listicle listicle.

After all, even technical writers like to glide into holiday mode at this time of year (or so we have been told), and nothing is quite as relaxed and vacationistic as putting old wine into new skins, mixing a few metaphors, and gilding a couple of lilies.

So we decided to do something almost, but not quite, entirely unlike that.

Those who cannot remember history…

We are, indeed, going to look forward by gazing back, but – as you might have guessed from the headline – we’re going to go further back than New Year’s Day 2022.

In truth, that mention of 33 1/3 is neither strictly accurate nor specifically a tribute to the late Lieutenant-Sergeant Frank Drebbin, because that headline number should, by rights, have been somewhere between 34.16 and 34.19, depending on how you fractionalise years.

We’d better explain.

Our historical reference here goes back to 1988-11-02, which anyone who has studied the early history of computer viruses and other malware will know, was the day that the dramatic Internet Worm kicked off.

This infamous computer virus was written by one Robert Morris, then a student at Cornell, whose father, who also just happened to be called Robert Morris, was a cryptographer at the US National Security Agency (NSA).

You can only imagine the watercooler gossip at the NSA on the day after the worm broke out.

In case you’re wondering what the legal system thought of malware back then, and whether releasing computer viruses into the wild has ever been considered helpful, ethical, useful, thoughtful or lawful… Morris Jr. ended up on probation for three years, doing 400 hours of community service, and paying a fine of just over $10,000 – apparently the first person in the US convicted under the Computer Fraud and Abuse Act.

The Morris…

Source…

The Boldest Cybersecurity Predictions for 2023

/in


The end of the year is upon us, and that means predictions — lots and lots of predictions. And no wonder: With 2022 in the books, cybersecurity professionals worth their salt are starting to think about what’s around the next bend; one needs to be prepared, after all.

This year, we wanted to break out of the mold of covering predictable predictions (“more automation is on the horizon,” anyone?) to focus on some of the more out-there views on what the cybersecurity landscape might hold for the next revolution around the sun. In this, our stable of experts didn’t disappoint.

Security experts from near and far gave Dark Reading their most outrageous/boldest security predictions for 2023. Whether that’s something that will happen on the threat side of things (hackers will start WWIII), an impending crazy cyberattack (looking at you, evil Santa elves), a prediction for insane futuristic tech on the defensive side (bot vs. bot), nutty enterprise trends (spyware for employees), what have you — these crystal ball-isms will hopefully make you think about what is in store.

For instance, David Maynor, director of the Cybrary Threat Intelligence Team (CTIG), offered up a slew of hot takes for 2023 that run to the dystopian. And we’re here for it:

“Information security practitioners will continue to be divided into topics, such as active defense, to the point that pseudo-religious cults may form,” he opines. “DEF CON will be canceled. A reboot or sequel of one of the following movies will be greenlit: Hackers, Sneakers, WarGames, The Net, Swordfish.”

Nicely done, David. And that’s just the beginning.

Cookies to the Rescue: A Seasonally Appropriate Hacking Collective

To kick things off, Dean Agron, CEO and co-founder of Oxeye Security, flagged an impending cyberattack that’s sure to hit everyone on Santa’s list, not just the naughty ones.


“The ‘Santa’s Gift’ attack, from a Greenland-based hacking group called ‘[email protected]‘s 3lves’ will allow attackers to bypass input sanitation mechanisms by using a specific combination of 🎅🏼 🦌 🧝 🎄 🎁 🛷 emojis (Santa, reindeer, elf, Christmas tree, gift, and sleigh). Every input that allows inputting emojis is vulnerable, and the right…

Source…

Cybersecurity Trends, Threats, And Predictions For 2023

/in


2022 has been another year of high-profile data breaches, mirroring the years before in the growing number and sophistication of cyber threats. Cyber-attacks have become part of a boiling cauldron and some of the brining liquid has seeped over into the corporate and government digital landscapes.

Consistently, phishing, insider threats, business email compromise, lack of skilled cybersecurity workers, and misconfigurations of code have been common trends throughout the past decade. They still will be trends in the coming year, but other factors and developments will also permeate a precarious cybersecurity ecosystem. Let us explore some of them.

2023 Cyber Trends:

Geopolitics and Critical Infrastructure And Supply Chain Attacks:

The 2020 World Economic Forum’s (WEF) Global Risks Report listed cyberattacks on global Critical Infrastructure (CI) as a top concern. WEF noted that “attacks on critical infrastructure have become the new normal across sectors such as energy, healthcare, and transportation.” ]The Global Risks Report 2020 | World Economic Forum (weforum.org)

That global risk was exemplified in the Russian invasion of Ukraine which set a new stage for the use of cyber weapons aimed at disabling critical infrastructure. In accordance with the kinetic attacks, Russia has incessantly attempted to target key Ukrainian critical infrastructures to help enable their war efforts. Russian cyberattacks have succeeded in shutting down Ukraine’s power grid in the past and Ukraine’s power grid is still under bombardment from both physical and digital missiles. For the most part, the attacks have been thwarted by a well-trained and prepared Ukrainian cyber force. Bust Russian and Russian proxy cyber capabilities are still significant and pose threat not only to Ukrainian infrastructure but to the West in general as evidenced by the Colonial Pipeline attack and by the Solar Winds breach. They will intensify and spread in the coming…

Source…

2023 IT Security Predictions From Professionals Who Live It Every Day

/in


We’re now in the fourth quarter, which means leaves are changing color, kids are creating lofty shopping lists, and their moms are pulling the winter clothes from storage. Oh, and a slew of prognosticators are compiling 2023 prediction lists for December distribution.

To beat the prediction rush, Radware reached out to several of our customers to find out what they think 2023 will bring to light in the world of cybersecurity. So, before you find out who prognosticators are predicting to win the World Cup or which movie will win the Oscar for best picture, read the following to be ahead of the curve, at least concerning cybersecurity.

2023—What Lies Ahead

Rajesh Garg is the executive vice president and chief digital officer, head of cybersecurity, at Yotta Infrastructure Solutions, LLP.

“Over 30% of company boards will have a dedicated cybersecurity committee that’s overseen by a qualified board member. Also,” continues Rajesh, “more than 30% of enterprises will deploy cloud-based security web gateways, cloud access security brokers, and zero trust networks.”

Diego Del Portillo is an IT infrastructure analyst at Puerto De Barranquilla in Colombia.

“Attacks will continue to become more complex because infrastructures are becoming more complex, as well,” says Diego. “Ten years ago, you could protect your infrastructure with firewalls and antivirus products, but today you need to use many platforms to be safe.

“Companies must strengthen their cybersecurity bench with professionals who have up-to-date skillsets to help address the growing complexity of attacks. For that reason, the focus should be as much on professionals as on technology.”

Ankur Mittal is a senior technical engineer at Hitachi Systems Micro Clinic Pvt.

“Deep fakes will become a greater concern because they use AI to mimic human activities. As a result, they can be used to enhance social engineering attacks. And the continued commercialization of advanced applications lowers the bar for creating deep fakes. This could lead to real-time impersonations over voice and video applications that cybercriminals will use to pass biometric analysis. It will pose a significant challenge and secure…

Source…