Geopolitics will continue to influence cybersecurity and the security posture of organizations well into 2023.
The impact of the global conflict on cybersecurity came into the spotlight when Russia made moves to invade Ukraine in February 2022.
Ukraine’s Western allies quickly realized that along with this, the threat of cyberattacks against Russia-backed Critical National Infrastructure (CNI), especially in retaliation for the hefty sanctions.
While this may not have happened the way many hoped, geopolitics is still on the back of the minds of many cybersecurity professionals looking ahead to 2023.
cyber power
Russia has always been highly regarded for its cyber capabilities and is one of the few countries that has been the source of many cyber criminal gangs.
However, as mentioned above, 2022 has not seen a serious cyberattack comparable to at least one Colonial Pipeline incident.
But e2e-assure CEO and founder Rob Demain warns: There is a widespread view that Russian cyber activity leading up to the invasion of Ukraine shows that they are not the cyber power we once thought they were. Patterns and evidence will emerge that Russia has refocused its cyber activities on non-military goals (financial and political). “
Marijus Briedis, CTO of NordVPN, warns that the cyberwar is just beginning. China could increase cyberattacks against Taiwan, Hong Kong and other countries opposing the regime. Meanwhile, Russia is expected to sponsor attacks on countries that support Ukraine. “
attack type
We are used to seeing cyberattacks that encrypt our data and demand a ransom, but in this era of state-sponsored attacks, we are likely to experience attacks aimed at chaos.
“If the past few years were defined by ransomware attacks by organized hacking groups, we are now entering an era of ever-increasing threats from state-sponsored actors seeking to disarm the global economy. Founder of Centra and former Commander of the 8200th Unit of the Israeli Military Intelligence Service.
“This poses a direct threat to specific sectors such as energy, shipping, financial services and chip manufacturing. These attacks go beyond stealing IP and demanding ransoms. They focus on appropriate disruption — compromising or shutting down critical operations on a national scale,” he said.
When it comes to the CNI environment, Demain said that operational technology (OT) could become an increasingly important target in 2023. “Attackers leverage IT to reach OT. This is due to the lack and convergence of the air gap between IT and OT. We will learn how it is designed and accessed and use this knowledge to our advantage,” he said.
Finally, when considering the war in Ukraine and how it empowered Russian cybercriminals to act, Daniel dos Santos, head of security research at Verdere Labs, said: increase. Those who acquire attack skills and the formed groups either continue to attack politically motivated targets or move into the cybercriminal underground for financial gain. ”
nothing is known
It’s tempting to look to the future, but Amanda Finch, CEO of the Chartered Institute of Information Security (CIISec), said the most confident prediction anyone can make for 2023 is even more predictions than usual. said to be inaccurate.
“The phrase ‘nobody knows nothing’ originated in the film industry, but it has been in a state of international and domestic political, economic and criminal activity unseen for decades. It’s rushing in and will be everywhere in 2023,” she said.
“For cybersecurity, this means new threats, new compliance obligations and even budgets will become very difficult to predict. So even predicting the worst may not be accurate.Instead, the watchword for security teams in 2023 is adaptability, enough to weather what promises to be a tumultuous year. It’s about ensuring agility.”
