Content, Content

Trellix: 11 Predictions for 2023 Cyber Threats, What MSSPs Need to Know

Search Hacked warning on laptop Concept of privacy data being hacked and breached from internet technology threat. 3d renderring.

Trellix, an extended detection and response (XDR) specialist, anticipates spikes in geopolitically motivated attacks across Asia and Europe. Hacktivism fueled by political tension and vulnerabilities in core software supply chains are also predicted for 2023, the company said in its annual forecast.

11 Threats to Watch Out For

Trellix forecasts the following threats 11 threats in 2023:

  1. Geopolitical factors will continue to be a high motivation for misinformation campaigns and cyberattacks timed with kinetic military activity.
  2. As groups of loosely organized individuals fueled by propaganda align for a common cause, they will ramp up their use of cyber tools to voice their anger and cause disruption across the globe.
  3. Both threat actors and security researchers will heighten their study of underlying software frameworks and libraries resulting in an increase in breaches related to software supply chain issues.
  4. Teens and young adults will engage at increasing levels in cyber crime – everything from large-scale attacks on enterprises and governments to low-level crimes that target family, friends, peers, and strangers.
  5. The outsourcing of malware creation and operation, diversification of malware development, and use of leaked source code will make attribution of cyber threats to specific threat actors increasingly challenging.
  6. A significant rise in advanced cyber actors causing disruptions to critical infrastructure in vulnerable targets will be observed.
  7. Weaponized phishing attacks will increase across commonly used business communication services and apps, like Microsoft Teams, Slack, and others.
  8. The advanced capabilities of consumer and enterprise IoT devices will be leveraged by hackers to mine cryptocurrencies.
  9. The compromise of satellites and other space assets will increase and become more public in 2023.
  10. There will be a huge jump in reverse-vishing – or voice phishing – attacks, with less tech-aware users being the primary target.
  11. More domain privilege escalation vulnerabilities will be discovered as well as more real-world attacks against Microsoft Windows with the explicit goal of complete network takeover.

Final Thoughts

John Fokker, who heads Trellix's threat intelligence, offered some advice to the cybersecurity industry, namely MSSPs and MSPs, heading into 2023:

“Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture. Global political events and the adoption of new technology will breed novel threats from more innovative threat actors.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.