Cyber criminals never stop. They’re always working on new ways to exploit businesses and individuals online, and their methods get more sophisticated with every passing year.
What Types of Cyber Attacks Will be Common in 2023?
Because cyber criminals are always evolving, it’s difficult to predict the cyber threats to look out for in 2023. However, we can look at current global trends and previous cyber threats to get a general idea of the sort of cyber security issues we might have to face in 2023 and beyond.
This includes:
- Ransomeware
- Exfiltration
- Phishing
We’ll take a look at each of these in more detail.
A Rise in Ransomware Attacks
Ransomware is a particularly vicious form of malware in which cyber criminals remotely lock a device, and threaten to keep the device locked until their victim pays a ransom. If the victim refuses, then they’ll lose access to their data or device.
According to one report, 21% of all cyberattacks in 2021 were ransomware attacks. And unfortunately, certain global events seem likely to either embolden or enable further ransomware attacks.
Along with several other western nations, the UK continues to provide significant support to Ukraine during their ongoing war with Russia. This is going to have an impact on some international relationships that were previously integral to keeping certain cyber threats at bay.
For example, in January 2022 numerous notorious ransomware criminals were brought to justice. It seems likely that collaboration between law enforcement agencies in the US and Russia made these arrests possible. When there’s no such collaboration taking place due to ongoing conflicts, many cyber criminals will have more of a free rein to target individuals and businesses across the world.
A Pivot to Exfiltration in 2023
Exfiltration is a similar cyber threat to a ransomware attack, but with a subtle difference: the cybercriminal will steal the victim’s data before they lock their devices. They will then threaten to make this data public unless the victim pays the ransom.
So the victim will then have to deal with two threats at once – the extortion from the ransomware attack, and all the financial, reputational, and regulatory damages that follow a data breach.
One study suggests that almost all ransomware attacks these days are “double extortion” attacks like this, where cyber criminals will demand a payment to both unlock and protect data.
So in 2023, we won’t just see more ransomware attacks. We may also see more serious ransomware attacks.
More and More Phishing Scams
Some cyber criminals target individuals and businesses directly. But phishing is a less-focused form of cybercrime that shows no signs of going away.
In a phishing scam, cybercriminals will send individuals a message – either via email, or text, or via an app such as WhatsApp. This message will usually claim to be from a bank, or from a shopping site such as Amazon. It might talk about some problems with the individual’s bank account, or with an order they’ve made online. The individual will be prompted to click a link to fix the issue.
Clicking such a link could give cybercriminals access to the individual’s device or data, making them vulnerable to a ransomware attack. Yet in other phishing scams, cybercriminals might request an individual’s personal details, leaving them vulnerable to identity theft, or to direct theft of their data or assets.
Phishing scams have never been more sophisticated. Cybercriminals can now produce messages that look almost identical to official messages from official companies. And unfortunately, cybercriminals tend to exploit local and global events to target people when they’re at their most vulnerable.
In the latter half of 2022 we saw numerous scams that aimed to exploit the ongoing cost of living crisis. So whatever social, political or economic events 2023 has instore for us, you can expect cybercriminals to try and exploit it for gain.
Who is Most At Risk of Cyber Threats in 2023?
Any business or individual that uses a computer is vulnerable to cybercrime. Particularly when it comes to phishing scams, cybercriminals will target anyone and everyone, often sending thousands of messages in the hope that just one person will comply.
But unfortunately, when it comes to ransomware attacks, cybercriminals seem to target small to medium sized businesses (SMEs), as they are less likely to have adequate cyber security measures in place.
This comes at a time when reports indicate that growing numbers of SMEs are choosing to forego cyber cover, due to rising costs.
Does My Business Need Cyber Insurance?
In the event of a data breach, cyber insurance will cover your business’s liability as well as your ability to manage the impact on both your systems and finances. A cyber breach could sink your business. Even if you can recoup your data, your business may never recover from the blow to your reputation. So no matter how much it costs, cyber insurance is one form of cover that no business can afford to be without.
If you have any questions about business insurance, or if you want to discuss whether cyber insurance is right for you, we have a team of experts ready to help. Call us on 0208 290 9080 or email us at cyber@anthonyjones.com.