Cybersecurity Trends 2023

AI was on everyone’s lips this year. Useful and fascinating as it is, it has been a cause of concern. A vivid example is what has happened with the wildly popular chatbot ChatGPT. Having reached 100 million monthly active users just two months after its launch, it made history as the fastest-growing consumer application in history before Meta’s Threads launch. (The number of ChatGPT users is now on decline, though.)

ChatGPT’s generative AI has been abused to write malicious code. Some malware criminals write with it can even evade endpoint detection and response (EDR) applications. Remarkably, AI has also helped criminals step up their phishing game. Namely, it helps them create more convincing messages to lure victims to downloading and executing malware.

Early this year, ChatGPT had a data breach due to a vulnerability in an open-source library. The breach “allowed users to see the chat history of other active users.” Further, criminals have stolen over 100,000 accounts on this app using malware. And the app has suffered recent outages caused by DDoS attacks.

The war between Israel and Hamas, like that between Russia and Ukraine, has included cyberattacks by hacktivists. Some attacks intended to deface websites or make them crash, with the government and militia sectors as the main target. For example, pro-Islamic groups have hit the Israeli Parliament with DDoS attacks. And pro-Israel groups have attacked websites of the Gaza government.

Other attacks sought to impact nations supporting either side of the conflict. Case in point, an increase in cyberattacks against some supporters of Israel, i.e., the U.S., France, India and Italy, has been linked to the activities of some groups associated with Russia, Bangladesh, Iran or other nations. And unidentified groups have targeted international organizations that provide humanitarian aid to both Palestinians and Israelis.

The largest global attack campaign of this type this year has been the one carried out by the CL0P ransomware gang exploiting a flaw in a file transfer tool called MOVEit. To date, they have affected more than 2,500 organizations, compromising the data of nearly 70 million people.

Companies using insecure third-party software are exposed to consequences of the most costly kind. This year, a data leak due to a software supply chain attack cost an average of $4.63M globally. This cost surpasses that of attacks due to all other causes, which averaged $4.26M.

Use of software dependencies with known vulnerabilities remains a widespread issue. Our State of Attacks 2023 report shows that about 83% of the systems we tested this year used flawed software components. This type of vulnerability caused the most risk exposure (over 25%) to systems when aggregated.

According to the Microsoft Digital Defense Report, several groups operating globally, linked to Russia, China, Iran and North Korea, carried out attacks that ranged from spreading false information to spying or stealing cryptocurrencies.

In addition to the government sector, a wide variety of industries have been impacted. This possibly represents large losses for many organizations, given that, for example, the average cost of a data breach this year was a record $4.45M.

As we said above, AI is also used in favor of protecting information systems. Researchers over the world (e.g., Microsoft’s) began to use it to analyze vast amounts of data from Internet connections to more quickly detect and analyze cyberattacks on organizations anywhere around the world. At the individual organization level, some solutions using AI are supporting cybersecurity teams, which are generally understaffed, to detect potential breaches in their systems.

In terms of AI’s support to the preventive posture in cybersecurity, that is, security applied to systems from the beginning of and during the entire development lifecycle, we at Fluid Attacks have contributed to the advancements. We leverage AI to create models that inform hacking teams which files of the applications they are evaluating are most likely to have vulnerabilities. This way, they can prioritize those files in their search. In addition, we released this year a feature for our IDE extension to generate step-by-step guides on VS Code with fixes relevant to the detected vulnerabilities. This helps devs remediate software flaws more easily and effectively. Other solutions are using AI to help eliminate vulnerabilities by automatically presenting suggested code modifications for devs to simply accept or reject.

We have talked more extensively about software supply chain security (SSCS) in a blog post. Read it, as we give you a checklist of some main aspects you should take into account in SSCS during the different phases of the software development lifecycle.

One advantage is their speed. Google has found that passkeys allow users to authenticate in half the time it takes with passwords. In addition, passkeys are more secure, because they are not processed by servers, e.g. Google, but are stored only on the device. By giving the right passkey, it generates a unique digital signature to confirm the access rights to the application that is requiring authentication. And as it is used only in authorized applications, this new method prevents credentials from being shared on fraudulent sites.

It is a great mistake to be unaware of the security vulnerabilities, and the risk exposure they cause, in proprietary as well as third-party code. You need to follow a preventive approach to cybersecurity. Find out how secure your application and your software supply chains are and fix all found issues before the bad guys place eyes on them. Begin your 21-day free trial now and let us help you develop and deploy secure applications.