Content, Channel partners, Content

Kaspersky: Security Operations Centers (SOCs) Should Expect More Cyberattacks by State-Sponsored Threat Actors in 2023

System Security Specialist Working at System Control Center. Room is Full of Screens Displaying Various Information.

Security operations centers (SOCs) in the government and mass media sectors are likely to face more reoccurring targeted attacks by state-sponsored threat actors in 2023, according to antivirus software company Kaspersky.

This prediction comes after Kaspersky noted the average number of security incidents increased by 36% in 2022. Kaspersky also reported the average number of incidents in the mass media sector nearly doubled in 2022.

Ultimately, there is a "new wave of politically motivated attacks" affecting government and mass media organizations, said Sergey Soldatov, head of SOC at Kaspersky. These attacks may extend beyond organizations in the government and mass media sector. To guard against such attacks, Soldatov recommends that organizations use managed detection and response (MDR) services for "comprehensive threat detection and remediation."

Other Security Predictions for SOCs in 2023

Kaspersky made several other predictions regarding security issues that could impact SOCs in 2023, including:

1. Cybercriminals May Increasingly Target Telecommunications Providers.

In 2021, there was "a prevalence of high-severity incidents" against telecommunications providers throughout the year, Kaspersky indicated. The average share of high-severity incidents against these providers declined in 2022. Regardless, telecommunications companies remain attractive targets for cybercriminals.

2. Cybercriminals Will Use Ransomware to Encrypt and Destroy Business Data.

In the past, many cybercriminals would encrypt data and hold it for ransom. Now, cybercriminals are more likely than ever before to encrypt and destroy data, which makes it exceedingly important for organizations to properly secure it.

3. Cybercriminals Will Try to Infiltrate Organizations Through Public-Facing Applications.

Public-facing applications can have vulnerabilities that organizations have not addressed. Meanwhile, cybercriminals can exploit these vulnerabilities in the hopes of accessing organizations and their data and systems.

4. Threat Intelligence Will Become More Valuable.

The increasing volume and severity of cyber threats is leading more organizations to invest in technologies that they can use to plan for and combat cyberattacks. At the same time, it is increasing the value of threat intelligence, which helps organizations make fast, informed decisions to secure their operations.

What Can MSSPs Do?

MSSPs can provide organizations with MDR, endpoint protection and other security services to keep pace with evolving cyber threats. In doing so, they can help organizations guard against a wide range of threats and optimize their security posture.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.