Geopolitics will continue to have an impact on cybersecurity and the security posture of organizations long into 2023.
The impact of global conflicts on cybersecurity was thrust into the spotlight when Russia made moves to invade Ukraine in February 2022.
Ukraine’s Western allies were quick to recognize that with this came the threat of Russian-backed cyber-attacks against critical national infrastructure (CNI), especially in retaliation for hefty sanctions.
While this may not have materialized in the way many expected, geopolitics is still front of mind for many cybersecurity experts looking to 2023.
Cyber Power
Russia has always been among a handful of states recognized for their cyber prowess and as the source of many cyber-criminal gangs.
Yet, as previously mentioned, we have failed to see a significant cyber-attack, at least one comparable to the Colonial Pipeline incident, in 2022.
However, Rob Demain, CEO and founder of e2e-assure, warned: “We have underestimated Russia’s cyber capability. There is a wide view that Russian cyber activity leading up to and during their invasion of Ukraine indicated that they aren’t the cyber power we once thought. Patterns and evidence will emerge in 2023 that show this wasn’t the case, instead Russia was directing its cyber efforts elsewhere, with non-military goals (financial and political).”
Marijus Briedis, CTO at NordVPN, warns that the cyber-war is only just starting: “With China’s leader securing his third term and Russia’s war in Ukraine, many experts predict an increase in state-sponsored cyber-attacks. China may increase cyber-attacks on Taiwan, Hong Kong, and other countries opposing the regime. Meanwhile, Russia is predicted to sponsor attacks on countries supporting Ukraine.”
Attack Type
We are used to seeing cyber-attacks that encrypt data and ask for ransom, but in this era of nation-state-sponsored attacks it is likely we could experience attacks carried out for the sake of disruption.
“If the past few years have been defined by ransomware attacks from organized hacking groups, we are now entering an era in which an increasing number of threats will come from state-sponsored actors seeking to disarm global economies,” said Asaf Kochan, co-founder of Sentra and previously a Commander in Unit 8200, Israeli Military Intelligence.
“This poses a direct threat to specific sectors, including energy, shipping, financial services and chip manufacturing. These attacks won’t stop at stealing IP or asking for ransom. Instead, they will focus on proper disruption — compromising or shutting down critical operations on a national scale,” he said.
When it comes to CNI environments, Demain noted that 2023 could see an increased focus on operational technology (OT) as a target because, he says, this is typically where the money is. “Attackers will use the IT to get to the OT due to lack of air gaps and convergence of IT and OT. Attackers will exploit IT and use that access to educate themselves on how the OT is designed and accessed and use this knowledge to their advantage,” he said.
Finally, when considering the war in Ukraine and how that has empowered Russian cybercriminals to act, Daniel dos Santos, head of security research at Vedere Labs, said, “Regardless of whether the war continues or ends, these groups will remain active. The people who gained offensive skills, and the groups that formed, will continue attacking politically motivated targets or transition into the cyber-criminal underground for financial gain.”
Nothing is known
While looking to the future is tempting, Amanda Finch, CEO, Chartered Institute of Information Security (CIISec), noted that the most confident prediction anyone can make about 2023 is that – even more than usual – most predictions will be inaccurate.
“‘Nobody knows anything’ originated in the film industry but, with international and national politics, economics and criminal activity entering a state of uncertainty that hasn’t been seen in decades, in 2023 it will apply everywhere,” she said.
“For cybersecurity, this means that predicting new threats, new compliance obligations, or even budgets will be extremely difficult. Even expecting the worst might not be accurate, as there’s every chance 2023 will end brighter than it started. Instead, the watchword for security teams in 2023 will be adaptability – ensuring that they are agile enough to navigate what’s certain to be a turbulent year.”