11 Cybersecurity Predictions for 2023: Cars Held Ransom, AI Hacking, & Malicious Social Media 

In 2022, we asked our team for their cybersecurity predictions for the year. The theme was pretty much, “Everything is bad. Everyone’s a target.”

As it turns out, we are pretty good at seeing the future—each of our predictions from last year came true in some way.

To recap, our 2022 predictions included:

Decentralized cybersecurity - Though a slow process, decentralized cybersecurity is becoming true. Per Mikey Pruitt, “As legacy strategies and technologies are sunsetted, the modern approach of securing your endpoints with as much vigor as the office has solidified in the minds of IT practitioners around the globe. More stringent compliance, especially to obtain cyber insurance, will accelerate decentralized cybersecurity adoption.”

Internet users will take control of their privacy - According to a 2022 poll by Ipsos on behalf of Google, 84% of Americans are concerned about the safety and privacy of their online data. In the last 90 days, the number of blocked trackers on our network has increased by over 132%, indicating increased concern regarding websites’ abilities to track individuals.

Government regulations - There’s been some real progress on privacy-related legislation in the past year. Peter Lowe states, "I honestly think the EU is leading the world on this sort of thing - the DSA and DMA that went into force in November (and the recent decision against Meta, although that’s technically 2023) are great examples, but this sort of thing is being seen in a lot of other places."

Product vulnerabilities from using OSS - Security risks associated with OSS in supply chain increased from 47% to 53% in 2022. In a global study by Venafi, 82% of CIOs say their organizations are vulnerable to supply chain attacks.

Threat actors will target password management - We managed to nail our list in the 11th hour with the recent announcement of LastPass’s breach. If you have been impacted, make sure you rotate your master password and change sensitive passwords in your vault, if you haven’t already. Password managers are vital for many companies, but the risks associated with a breach like this can have cascading effects.

Cyberwarfare - Sadly, this one was also spot on. SecureList agrees that from here on out, “We can expect to see significant signs and spikes in cyberwarfare in the days and weeks preceding military conflicts.”

As we crowdsourced 2023 predictions, the list got a little longer. Attackers will get more creative, we’ll see more widespread effects of breaches, and AI will play a large part:

Direct Attacks and Major Themes We Expect to See in 2023

Massive IoT hack - Our Principal Security Researcher, Peter Lowe, believes there could be a large-scale attack on something (or someone), through a vulnerability in IoT devices. This could take the form of some sort of worm or common piece of software that’s used, allowing for the creation of a massive botnet.

Cars will be held ransom - With cars relying more and more heavily on software, there’s a bigger target on the back of the auto industry. With increasing reliance on automated features and mobile integrations,  Bluetooth features, and digital displays, vehicles are becoming more vulnerable, and it’s possible that the car industry could experience a big ransomware event of some sort.

Major social media hack - Again, Peter predicts that there will be a massive social media hack or breach that will make a splash with big headlines. He also predicts that it will be soon quickly forgotten and people will not be any more cautious with their social media use.

“DNS Abuse” goes mainstream - While we are already starting to see this, Peter believes that we will continue to see the trendiness of “DNS Abuse.” He predicts that  high-level conferences and international organizations will need to start thinking about how to defend themselves against it. As a result, the bad guys are going to try harder to circumvent protection measures.

Malicious AI

AI model hacking - Peter and Christina Blakely, DNSFilter’s Webshrinker and Categorization Specialist, both agree on the prediction that people are going to continue pushing the boundaries of the various uses of AI that are popping up. Not only do they believe there will be a vast increase in AI applications, they also believe we will start seeing AI be used to do unsavory things, including phishing.

Social Media Predictions for 2023

Trends will allow malware to spread - Adding to the prediction of malicious AI software, Christina believes they’ll be able to create trends and bring down social media users’ guards, allowing for widespread malware and social media compromise. Christina says, “If a website or software can provide something tangible, they won't notice malware until it's too late.”

Automated content creation - David Elkind, DNSFilter’s Chief Data Scientist, predicts that we will see continued use of AI programs, and that content creators will see the value of automating their content creation in an effort to become profitable. David believes that this could lead to an increase in junk content. Social media platforms are already struggling to moderate content, and the speed and ease of automated content will make it nearly impossible—prompting the decline of social media and web 2.0.

Vulnerabilities: Where we may see more attacks

Co-working spaces - Brian Gilstrap, DNSFilter’s Technical Support Engineer, Tier 1,  anticipates that as more people work from public locations such as coffee shops, libraries, and restaurants, “We will see more instances of shoulder surfing and public wireless spaces being hijacked.”
Our IT Manager, Frank Ahan, agrees, and predicts that co-working spaces will see more instances of packet sniffing, eavesdropping, network vulnerability scans, and brute force attacks on workstations.

Cascading attacks - Alex Applegate, DNSFilter’s Senior Threat Researcher, believes that we will continue to see more cascading attacks. Supply chain providers, MSPs, and cloud providers are hard to breach, but once they are breached, an attack can cascade quickly through a system. These businesses will continue to have a target on their backs and bad actors will take advantage of any potential hole in their security.

The threat of the year won’t be from this year - Alex also predicts that the trend of breaches of outdated technology will continue. He says, “Software libraries, log management systems, and ancient network protocols–that were perhaps created when software development was less of a rigorous engineering discipline and security was less of a concern–have all been exploited to disastrous effect.” Alex believes that hackers are working to find the next vulnerability, but there aren’t enough teams poring over old foundational code to ensure things are secured before they can be found.

We will have to wait and see which of these come to fruition in our annual predictions blog next year, but so far 2023 is starting off pretty strong with password management breaches, social media woes, and trendy AI apps.

Search
  • There are no suggestions because the search field is empty.
Latest posts
What is Secure Web Gateway: What It Does, Benefits, and More What is Secure Web Gateway: What It Does, Benefits, and More

In today's world of ever-increasing cyber threats, organizations need strong defenses to protect their networks and data and in this complex digital ecosystem, we need more than just one line of defense.

Revving Up the Fun: DNSFilter's IndyCar Experience Recap — St. Pete Edition Revving Up the Fun: DNSFilter's IndyCar Experience Recap — St. Pete Edition

What a weekend at the track! DNSFilter was thrilled to host 10 guests alongside Pax8 this weekend for an unforgettable IndyCar experience in sunny St. Petersburg. Those who joined us came from Thrive, MVP Network Consulting LLC, Myrtle Beach Academy of Aviation, Entech, NetGain Technologies,Warren Averett Technology Group, LLC, and ECMSI—we were lucky to be in such great company for our very first race of the season.

Man-in-the-Middle Attacks: What Are They? Man-in-the-Middle Attacks: What Are They?

A man-in-the-middle (MITM) attack is a form of cyber threat where a bad actor inserts themselves into a conversation between two parties, intercepts traffic, and gains access to information that the two parties were trying to send to each other. It allows attackers to eavesdrop, collect data, and even alter communications between victims. Understanding the mechanics, implications, and defense mechanisms against MITM attacks is essential for prote...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.