Increased risk for detrimental damage caused by ransomware gangs
Avast anticipates an increased risk of ransomware attacks in 2023 threatening to leak people's and businesses’ valuable data if ransom demands aren’t paid.
Additionally, Avast researchers foresee optimisation of social engineering used in scam attacks, taking advantage of economic hardships and energy crisis fears. The experts also expect increased malicious activity overall, as open-source malware becomes more accessible, and cybergangs recruit hacktivists to join their causes.
The threat of ransomware will very likely become worse as data leaks become common practice
“Ransomware attacks themselves are already an individual’s and businesses’ nightmare. This year, we saw cybergangs threatening to publicly publish their targets’ data if a ransom isn’t paid, and we expect this trend to only grow in 2023” says Michal Salat, Threat Intelligence Director at Avast.
“This puts people’s personal memories at risk and poses a double risk for businesses. Both the loss of sensitive files, plus a data breach, can have severe consequences for their business and reputation.”
For businesses, successful ransomware attacks can quickly ramp up to millions of dollars in recovery costs caused by a pause of operations, reimaging devices and incident response programs, and operational costs with hospitals not being able to conduct surgeries or factories halting their production. New global sanctions introduced this year could put businesses affected by ransomware in a sticky situation, as they face potential prosecution if they pay ransom demands to groups listed on sanctions lists, for example, ransomware groups based in Russia.
Scamdemic will continue in 2023
“We’ve been living in a scamdemic for some time now, and there are no signs of a slow-down,” says Salat. “Cybergroups go to many lengths to tap into people’s worst fears to deceive them into sending money or giving up personal data because it is easier to make people vulnerable than hacking their devices.
"Next year, we expect to see attacks playing with people’s economic and environmental concerns. Scams are not just flooding people’s inboxes in the form of phishing emails, but are bombarding people’s text messaging apps, and are keeping their phones ringing.”
With constantly improving techniques, the person becomes the weakest link. One trend expected for 2023 is social media account takeovers leading to impersonation attacks on online friends.
The business of cybercrime will become even more sophisticated
Avast researchers further predict the already professionalised business of cybercrime will become more sophisticated. Cybercrime groups Zloader, Racoon Stealer, and Ursnif came together this year to take advantage of each group’s specialisations and focuses to support one another and maximise profits. Avast researchers anticipate this kind of cross-group collaboration to continue. '
Additionally, Lockbit 3.0, a ransomware group, was the first ransomware gang to offer a bug bounty program in the summer, and others will likely follow suit. Bug bounties allow third parties to report new product vulnerabilities to software companies in return for an award. In typical cases, this helps companies make their software secure, protecting themselves and their customers from cybercriminals exploiting vulnerabilities. In this case, however, people are being enticed by a malicious group to help make their ransomware efforts more robust.
“Cybercrime has been a growing business for years, but we have started to see open-source malware become more readily available and distributed on platforms like Discord. People, including young people with less technical knowledge, can now get their hands on malware and may be more inclined to join the dark side given current economic hardships,” says Salat.
“We have also seen criminal groups recruiting and paying people money to carry out DDoS attacks, or install ransomware on their employers' devices, for example. Not only will we see more malicious activities thanks to software as a service, the distribution of software to carry out DDoS attacks, and easily accessible open-source malware, but this could be stepping stones towards a career as a cybercriminal.”