We see many reports each year, but when a Google-owned entity puts out its thoughts, we tend to pay closer attention. Recently, Google subsidiary Mandiant released its 2023 cybersecurity threat report highlighting trends to keep an eye on in the coming year. The report offers a world ripe for cyber disruption, from an array of sources as diverse as a bored college kid in their dorm to sophisticated attacks unleashed by nation-states. For MSPs, this means the landscape is constantly shifting.
“MSPs and CISOs need to get out of the mindset that one-size-fits-all because it no longer goes, a healthcare business will face a different set of cyber threats than, say, the pallet factory across town,” says Jerry Simmons, a cybersecurity analyst in Orlando.
The Mandiant report contains a variety of interesting trends, including:
“A hacker is probably reading this article,” someone commented. That is an assertion backed up by the report, which states: “Threat actors will continue to study the blogs and research of analysts in the security community. They will do this to learn offensive tactics and techniques, defensive strategies, and how to exploit vulnerabilities.”
Blogs, how-to guides, and forums provide ample eavesdropping opportunities for hackers. “You wouldn’t think a simple blog post could pose a problem, but hackers are after the big picture, ad if they read enough, they can connect dots on trends and know where to re-focus their attention,” Simmons warns.
“We’ve seen a lot of this already in 2023, and it is challenging to detect until it is too late,” he says. The Mandiant report warns to expect more: “stealers are widely available on the underground, and purchasing credentials is an inexpensive alternative to trying to phish them from victims.”
Non-nation state hacking
The Mandiant report predicts a return to a time when college kids were hacking organizations from their dorm rooms. These hackers, the report says, are less motivated by financial gain than by bragging rights. “They want to be able to brag to their friends or boast online that they’ve hacked into and brought embarrassment to prominent organizations.”
But Simmons cautions that the nation-state threat is still genuine. “Yes, we are seeing an uptick in `freelance hacking,’ but the threat posed by nation-states is still real, especially with geopolitical tensions rising in many areas.”
Also, a “freelance hacker” can wreak just as much havoc as an organized cybercrime group. “Sometimes more because they can be more difficult to find,” Simmons explains.
Extortion on the rise
Ransomware will continue to gradually decline and be replaced by more extortion attempts. A hacker may use BCE to get into sensitive emails and then threaten to release them unless a ransom is paid. “Sometimes this is a cheaper and equally effective way for cybercriminals to get money,” Simmons shares.
Access over endpoints
The Mandiant report emphasizes that gaining access to a user’s credentials and account is more valuable than breaching the endpoint.
“Once you have access, well, you are in. You have the keys to the castle,” Simmons says. The Mandiant report also warns, “Threat actors have shifted from gaining control of an endpoint to gaining access to a user’s credentials and account. A user’s identity within an organization has become more critical than access to the user’s endpoint. Over the next year, we will see threat actors find new ways to steal identities from users through a combination of social engineering, commodity information stealers, and information gathering from internal data sources post-compromise.”
“All of this points to a landscape that is constantly shifting, and MSPs are going to have a lot of tools in their toolkit to deal with it,” Simmons says.
Talent drain impact
Simmons says the talent shortage in IT jobs will exacerbate the shifting landscape challenges. Cyberventures reports there will be 3.5 million vacant IT jobs in 2023 — that’s enough to fill 50 NFL stadiums.
“This leaves a lot of vectors to watch and so many threats to monitor without human eyeballs; that is why MSPs have to choose vendors more wisely than ever. They need software solutions to combat the shortage, and the humans just aren’t there,” concludes Simmons.
Photo: Mike Pellinni / Shutterstock