Looking Back on 2023 and Predicting 2024


Sunrise, Sunset

Sunrise, sunset

Sunrise, sunset

Swiftly fly the years

One season following another

Laden with happiness and tears

“Sunrise, Sunset” from Fiddler on the Roof

Amazingly, it is already December again. How the time has flown!

This December, I got a special gift in my inbox, courtesy of our marketing specialist.

The subject was: “Were you right?”

I opened the email curiously.

“You made predictions for 2023. Were you right??”

Underneath these ominous words was a link. With trepidation, I clicked (after verifying the domain of course) and sure enough, there was the newsletter that I wrote this time last year with my predictions for 2023.

Here were my predictions at the time:

  1. Security fundamentals won't change in 2023
  2. There will be more data breaches in 2023
  3. There will be more government involvement in 2023
  4. Fines for breaches will increase
  5. More nation states will get involved in state sponsored hacking

Was I right? I assumed I wouldn't be, but as it happens… I wasn't actually too far off.

2023 gave us some huge innovations and new products. From ChatGPT and AI to remote work and cyber-warfare, it has been a wild year. And I didn't predict any of that.

On the other hand, while ChatGPT and AI have enhanced some security tools and processes, the functions that they are enhancing are still fundamental processes - asset and vulnerability management, log review and alerting, detecting malicious activity, etc.

Moreover, the new laws and regulations that have been passed have primarily focused on closing gaps in existing fundamentals, rather than writing entirely new fundamentals.

Despite that focus on fundamentals, though, there have certainly been more data breaches and more government involvement in 2023.

According to IBM's annual “Cost of a Data Breach” report, the average cost of a data breach increased from $4.35 million in 2022 to $4.45 million in 2023. Meanwhile, the US government has been busy with numerous cybersecurity initiatives along with lots of new state laws.

Some of those laws and new regulations have indeed increased the fines imposed for breaches, as well as increasing the requirements for disclosure.

Finally, the war between Russia and Ukraine has given us almost a full year of cyber warfare, while Hamas used targeted cyber attacks as part of its attack against Israel on October 7, showcasing how this new front integrates into larger war efforts.

So, overall, my prediction score was pretty good. At this point, I should retire as an expert predictor.

Nevertheless, my predictions were generic, safe bets.

So, here are a few predictions for 2024 that will push the envelope a bit:

  1. The average cost of a data breach goes down for the first time since 2020.
  2. CISOs will get better at defining their roles and responsibilities. As a result, we won't see any CISOs in court for breaches in 2024.
  3. Companies get better and better at keeping backups and recovering their businesses after an incident. As a result, the lost business cost of a data breach declines for the third straight year.
  4. With the expansion of ChatGPT usage, expect more and wider phishing attacks (convincing contexts are ChatGPT's speciality). As a result, the cost and frequency of phishing attacks increases.

Only time will tell if my predictions for 2024 are as accurate as 2023.

In the meantime… sunrise, sunset.

Security News

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations.
  • MongoDB disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information.
  • Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season.
  • A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon.
  • Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via cryptocurrency investment scams.
  • Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor.
  • Meta is rolling out an early access program for its upcoming AI-integrated smart glasses, opening up a wealth of new functionalities and privacy concerns for users.
  • A group of pro-Hamas attackers known as the Gaza Cybergang is using a new variation of the Pierogi++ backdoor malware to launch attacks on Palestinian and Israeli targets.
  • Ukrainian civilians grappled with widespread cellular phone and Internet outages after a cyberattack, purportedly carried out by Kremlin-supported hackers, hit the country's biggest mobile phone and Internet provider a day earlier.
  • An ex-First Republic Bank cloud engineer was sentenced to two years in prison for causing more than $220,000 in damage to his former employer's computer network after allegedly using his company-issued laptop to watch pornography.
  • The Idaho National Laboratory (INL) confirmed that attackers stole the personal information of more than 45,000 individuals after breaching its cloud-based Oracle HCM HR management platform last month.

Until next time,

The Craft Compliance Team
