Ride the Lightning

New Cybersecurity Worries for 2023

November 15, 2022

ZDNet reported on November 9 that we have some new cybersecurity worries for 2023.

As the story notes, a year is a long time in cybersecurity.

Consider the Log4j flaw: a year ago it was completely unknown. But after it came to light in December 2022, it was described by the head of CISA as one of the most serious flaws in existence. Almost a year later, it’s still a frequently unmediated security flaw hidden within many organizations’ code – and that will not be resolved anytime soon.

People are going to be a more major problem (if that’s possible) in 2023 having more and more difficulty identifying well-crafted phishing links/attachments or a business email compromise scam.

The shortage of qualified cybersecurity personnel has gotten even worse over the past year. That won’t help either.

Cyberattacks from nation states have become a greater risk. Russia has attacked Ukraine’s critical infrastructure and there is concern that essential infrastructure in the U.S. may be at risk. Before the invasion of Ukraine, satellite communications provider Viasat was affected by an outage that disrupted broadband connections in Ukraine and across other countries in Europe – an incident that Western intelligence agencies have attributed to Russia. Elon Musk has said that Russia has tried to hack the systems of Starlink, the satellite communications network run by his SpaceX rocket firm that is supplying internet access to Ukraine.

We have also seen a rise in fake accounts by Russians and others in social media – and the recent troubles of Twitter and Facebook are going to make it more difficult to detect and remove those fake accounts in 2023. Social media manipulation in general has become a huge problem – and our defenses are steadily weakening as Twitter and Facebook lay off employees in record numbers and generally seem to be degenerating into chaos.

As technologies like Web3 and the Internet of Things (IoT) continue to grow in 2023, they present a bigger target for cyberattacks and hackers. Some IoT devices help power critical infrastructure and healthcare – are they as well protected as they should be for the future?

There continues to be a lot of hype about the potential of Web3 – a vision of the web that takes control away from big companies and decentralizes power among users by using blockchain, cryptocurrency and token-based economics.

The worry here is that security has been forgotten as software developers rush to release products and services – as demonstrated by various hacks against crypto exchanges where attackers have stolen millions in crypto. Recent events give little comfort for the future ow Web3.

Bug bounty hunters are finding many vulnerabilities in Web3 applications and services. They’re often major vulnerabilities that could be extremely lucrative for malicious hackers if they discover them first – and potentially costly for users.

Lastly, security has found a seat at the corporate table nearly everywhere – but is it given enough weight – and the budget to successfully fight the cybersecurity challenges of 2023? That remains to be seen.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email:   Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson