Hello, dear Inside Security readers, As 2022 comes to an end, first, let us thank you for being with us during this year and helping us grow to new levels! Cybersecurity in 2022 can be characterized as dynamic, unpredictable, and impactful. From new hacker groups being created to old ones that have resurfaced and from new malware variants to new ransom negotiation tactics, the cybersecurity industry has been one of the most interesting ones to watch. We expect 2023 to be no different, so without further ado, here are what we believe will be the Security Trends That Will Matter Most in 2023. |
| |
- 1) The rise of AI scams
- As we've seen with the recent ChatGPT hype, access to Artificial Intelligence tools that can create conversational structure within seconds has never been easier. The progress made in this field, best shown by ChatGPT's most recent version, has stunned many people. While the positive effects of this technology are obvious, the relatively easy access to similar tools in the future (and their improved versions) means that there will be more people than ever before with the chance to create simple yet dangerous hacking tools.
Some of the world's largest tech companies have fallen victim to social hacking this year, so the idea that advanced AI could be creating conversations and thinking out entire scenarios should be at least something to think about for security teams in 2023. - 2) State-backed hacker groups continue to pose a serious risk to companies
- While the idea of a government supporting semi-private threat actors with resources in order to reach its goals in secret is nothing new, this method reached new levels in 2022. With the war in Ukraine in full effect, state-backed groups such as Fancy Bear and Sandworm have had access to more resources than ever before. More importantly, industry members believe that they now have a mission around which they can rally new members, especially hackers with access to lower-tier tools that can cause significant damage if they are organized in large numbers.
| |
- 3) The cybersecurity skill gap widens
- Reports conducted this year showed that the global cybersecurity workforce gap has increased by 26.2% compared to 2021. While the figure is an improvement compared to previous years, there are at least 3.4 million more workers needed to secure assets effectively on a global scale.
When we consider that the number of cybersecurity attacks in 2022 increased by 44% from 2021, it is evident that the number of professionals that governments and companies will need to handle these attacks is going to be bigger than ever before. In the short term, it will be challenging to cover the gap between supply and demand for cybersecurity skills. - 4) Social engineering will become an even more popular threat vector among hackers
- This year hackers continued to breach victims using a method that seems to continue working for them: social engineering. Also known as social hacking, the method is as simple as it is effective. Notably, the threat vector has been used by North Korea-backed hacking campaigns such as the $620M Axie Infinity breach. North Korea-backed hackers essentially convinced an Axie Infinity employee that they were being interviewed for a job role, convincing them to click on malicious files that led to the worst cryptocurrency breach of all time.
| |
 A message from ARRIVED Unbelievable: a must-see real estate investing hack. We know real estate has outperformed the S&P500 over the past 20 years as an asset class. Plus, it's tangible. But most don’t do it. You need massive upfront capital, it takes a ton of setup & expertise, and then you have to manage it. Exhausting. Here's that secret hack: Arrived. Arrived is an easy-to-use real estate investment platform offering SEC-qualified investments, and it’s backed by world-class investors like Jeff Bezos and Marc Benioff. In a few clicks, you can: - Browse properties (<1% make it through vetting): AirBnBs, long-term rentals, and more coming soon.
- Pick your favorites: invest anywhere between $100 to $50K per property.
- Boom: you're officially earning income and appreciation while Arrived manages your properties.
Both first-time investors and long-time real estate millionaires are flocking to Arrived, funding over 200 properties and $75M of property value since last year. Demand is high. What’s holding you back? Launch My Real Estate Empire
| |
- 5) Governments will invest in cybersecurity programs more than before
- Governments have felt the effect of state-backed hacker groups more than ever before. The U.S. alone has been at the center of several cybersecurity incidents where foreign actors have stolen patient data, credit card information, and even money. Mexico's Defense Department email database was breached earlier this year, while Costa Rica went through a complete digital infrastructure collapse after being hacked by the Russia-backed Conti ransomware group. As a result, we've seen countries react by investing record amounts of money and promising to continue to do so. Examples include the Australian government, which vowed to make the country the most cyber-secure in the world by 2030, and the U.S. government, which proposed a record cybersecurity budget of $10.9B.
- 6) TikTok will get banned by most federal and state institutions in the U.S.
- 2022 continued to be a controversial year for TikTok. After an initial wave of controversy surrounding the China-based social media giant during Donald Trump's presidency, the app has been under scrutiny once again for its data privacy practices. Only a few days ago, the company admitted to accessing the data of several journalists. This week, the app was officially banned on every device that is tied in any way to the U.S. House of Representatives. 2023 may be the year that the app is banned by all federal and state institutions for good.
| |
- 7) Hackers will continue to target cryptocurrency owners and crypto companies
- While cryptocurrency prices may have reached their lowest levels in a while, cryptocurrency scams and cyberattacks against crypto companies went in the opposite direction. Between the infamous $620M Axie Infinity hack, the $2B Terra Luna collapse, and the FTX scandal, the cryptocurrency industry has gone through arguably its toughest times ever. Hackers stole over $3B in crypto during 2022, and the trend may likely increase in 2023.
- 8) Cloud services will be the main focus of info-stealing hackers
- In a year where more data was stored in the cloud than ever before, the only question security researchers had was not if data would be exposed but how much. This year showed us that even companies such as LastPass, which are supposed to safeguard users' most important data, are vulnerable to data breaches. The cloud is the modern-day equivalent of the bank safe, and in 2023 we are likely to see new threat vectors and protection tools in the cloud technology vertical.
| |
 A message from PENDULUM THERAPEUTICS The next-generation probiotic associated with a healthy weight, metabolism, and gut lining… Meet Pendulum Akkermansia, the probiotic that doctors, scientists, and even Halle Berry is talking about. This keystone strain strengthens the gut lining and boosts GLP-1 production, which is associated with managing weight. It also helps promote a healthier gut microbiome and improved GI function. Founded by PhD scientists, Pendulum is the first and only company to manufacture this novel strain and sell it in the form of a daily probiotic capsule. They are now offering Inside readers 20% off their first month of Pendulum with code INSIDE20 at Pendulumlife.com Claim 20% off now
| |
- 9) Ransomware-as-a-Service tools will remain popular
- A low-skill entry barrier, easy shareability, and easy customization are some of the factors that made Ransomware-as-a-Service tools popular among all threat actor categories. Since the appearance of the Reveton RaaS in 2012, hacker groups have continued to modify these tools and offer them for low prices on hacker forums. Modern variants such as REvil consistently made headlines this year, and there is no reason to believe that these tools will stop evolving any time soon.
- 10) Cybersecurity companies will reach all-time high valuations from investors
- The damage caused by hackers in 2022 is considered to be over $1T. Combined with an economic downturn and inflation rate that was preceded by the pandemic and the supply chain crisis, companies across all sectors have found themselves looking for breathing room. Cybersecurity companies not only proved their resilience during this period but showed that they are more important than ever before. Investors seem to have taken notice of this trend, which is why cybersecurity companies can be expected to march toward all-time high levels of valuation and appreciation by investors and companies.
| |
Quick Hits: - Jamf Now is helping businesses set up and secure Apple devices with no IT experience necessary. Manage up to 3 devices for free.*
- Cryptocurrency wallet company BitKeep announced that hackers so far have stolen $9.9M from its holdings by deploying fake versions of the BitKeep app.
- Hackers are increasingly using the VLL extension in their malicious files due to the fact that Microsoft has blocked VBA macros on default mode.
- Some security researchers have criticized the U.K.'s new data protection bill, claiming that it leaves space for data privacy breaches in special cases. The latter is the country's replacement for GDPR, a data privacy standard set by the EU.
- Thailand-based company Workpoint TV had its channel hacked by unknown threat actors yesterday, who renamed it to "Tesla." The company has not stated whether any information has been stolen from the company's database.
- Real estate has outperformed the S&P500 (20+ years). Arrived, a Bezos-backed company, finally lets everyone take advantage of it.*
*This is sponsored content.
| |
Upcoming events at Inside: - January 05 - AMA with Gun.io - Building and managing software development teams w/ Deividi Silva (Watch On Demand)
- January 06 - AMA with LinearB - Improving workflow for developers w/ Ori Keren (Watch On Demand)
- January 10 - Inside Startups Coffee Break (Register Here)
- January 17 - Inside Marketing Coffee Break (Register Here)
- January 31 - Growth Summit 2023 (Register Here)
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
| |
Pendulum is now offering Inside readers 20% off their first month with code INSIDE20. | |
