The costly cyber breaches to come

DESPITE the growing awareness of the consequences of cyber breaches, high-profile incidents continue to occur. Companies buy expensive and complex security solutions to defend against sophisticated threats but often overlook basic weaknesses: a forgotten cloud instance running vulnerable software, the absence of isolated backups, or an accidentally open port. It’s a misconception to think that only big events lead to major security incidents. In 2022, a simple phishing campaign that we codenamed 0ktapus hit more than 130 organisations. The full consequences of this simple yet devastating attack are yet to be seen, but six months on, the list of victims includes Coinbase, Twilio and Cloudflare.

We have been fighting and researching cybercrime for 20 years. Security incidents are generally not the result of sophisticated, highly-skilled cyber adversaries’ actions (even though many victims say so in their data breach statements). Instead, in the vast majority of cases, they are avoidable and are a result of negligence, poor access control and a lack of actionable knowledge. We see the following as the greatest avoidable cyber threats facing organisations in 2023.

Ransomware is not going anywhere

The ransomware industry, which previously focused on petty extortion from individuals, has evolved into a huge market with its own corporations and channels for recruiting specialists. Their major driving force is the sale of access to corporate networks, which has more than doubled since last year, with triple the number of incidents occurring in the Asia-Pacific region. Worryingly, the average price of such access has been cut in half, making it more affordable for would-be attackers and ransomware groups.