Cyberthreats are not necessarily on the rise, but they have remained at a high level since 2021, ANSSI highlights in its latest report. From the wave of malware in Ukraine to ransomware targeting ESXi, to the theft of the League of Legends videogame source code, the year 2023 seems set to recreate 2022’s litany of cyberattacks. There are, however, five new underlying trends.
Multifaceted attacks
Ransomware ranks first among threats to businesses, even if the number of attacks steadied in France in 2022, according to ANSSI. However, these attacks tend to shapeshift and combine with other types of attacks to strengthen their impact, which makes countering them more complex.
As far as Atos is concerned, this is one of the phenomena that should be monitored in 2023. “We’re seeing multifaceted attacks. For example, they start off as ransomware, and evolve into DDoS attacks if the victim cannot pay,” points out Farah Rigal, Vice-President and Deputy Director of Atos’ world cybersecurity services.
We are also noticing different levels of targets. “Attackers first target the company, then zero in on individual users if they manage to extract personal data,” notes Farah Rigal. We were familiar with double extortion ransomware, which steals and encrypts data. We will now have to deal with triple extortion, which ransoms collateral victims.
Our mobile phones are increasingly targeted
Called “Flubot” or “Godfather”, these Android malware families are designed to take control of mobile phones remotely, harvest their data and spread through the victim’s contact list. These Trojans can also infect iPhones and be inadvertently downloaded by users in app stores, via text message, social media or phone calls.
They will be on the rise this year, predicts the software publisher Bitdefender. “They’re very difficult to contain and can easily adapt to social and political circumstances. A text message will warn of a failed delivery, offer a way to cut down on your power bill or ask if you want to see a friend’s new picture,” warns the company in its 2023 forecast. One of the more recent malware strains, “Hook”, is able to take screenshots, send WhatsApp messages on your behalf, and intercept confirmation text messages.
Getting ready for deepfakes
In January 2020, a bank employee in the United Arab Emirates wired 35 million USD, following instructions left by a manager in a voice message. The latter’s voice had been faked by cybercriminals. This is what is known as a deepfake. The method consists in replicating a voice, or even a face, using AI, with the aim of gaining access to computer systems, stealing funds, ruining someone’s reputation, etc.
Today, deepfakes remain a rather marginal threat to businesses, as they require sophisticated capabilities. Yet their effectiveness is cause for concern, as technological progress should lead to their widespread use in the future, ENISA emphasizes. And France will not be spared. This is why gendarmerie detectives are already on the alert.
“Our officers have been made aware of this type of crime. The gendarmerie’s 8,800-man cyberunit, and its integrated measures to combat cyberthreats, take reports and investigate this phenomenon. The operations division detectives with regional ComCyberGend satellites will also support local units that have been apprised of these crimes,” points out Major General Marc Boget, Gendarmerie Commander in cyberspace.
The 5G challenge
Although commercial 5G has been available to the public since the end of 2020 in France, telecoms providers are only now on the verge of deploying a real 5G mobile network core. This switch will have security implications, as NordVPN points out: “This technology requires new cloud-based infrastructure to work, which creates more access points for hackers to exploit.”
A new 5G mobile network core will make it possible to connect countless objects: cars, factories, drones… all potential targets. “The introduction of 5G in the digital ecosystem means that almost anything can be connected to the internet. It integrates connected objects in its ecosystem, alongside IT and processing. The product itself becomes a weak link,” predicts Capgemini for 2023. Guaranteeing 5G protection and security will therefore be a challenge in the coming year.
Anticipating political attacks
It has now been over a year since Russia attacked Ukraine, combining its military invasion in the field with a cyberwar designed to hamper the beleaguered nation’s response capabilities. According to the software publisher Kaspersky, we must expect these political cyberattacks to grow. How do we deal with them? The strategy used by Ukraine offers some insights.
“Ukraine strengthened its capabilities, whether in telecommunications or cyberspace, through cutting-edge technology that is provided by civil sector players such as Comsat and Starlink, but also Big Tech companies, in regard to data hosting and digital service redundancy, as well as mobile storage power in conflict areas,” analyzes Bertrand Blond, IT Director for Cyber Defense. Focusing on both the military and civilian worlds today seems essential to guaranteeing the resilience of computer systems and critical infrastructure.
A welcome positive note, as the economic situation is making it harder for companies to deal with all these threats. “We’re in a difficult job market, and in dire need of experts to manage and monitor the implementation of new solutions in our computer systems. This inspires us to create solutions that are easy to pick up and meet our needs while requiring the least amount of human resources possible,” warns Marine Martin, head of the incident response team at AG2R La Mondiale (French insurance firm).