About this time last year, I was interviewed by Forbes as part of an article on 8 Crystal Ball Predictions About Cyberattacks in 2022. At the time, I predicted that we’d all have to be much more vigilant in defending against cyberattacks from state-sponsored groups around the world. It was a real concern then and I believe it will continue to be in 2023, especially as a growing number of countries and independent groups now possess powerful cyber capabilities and have demonstrated a willingness to use them. As we all know too well, these capabilities can be used to deploy ransomware, distributed denial of service (DDoS), or other cyberattacks against specific companies, critical infrastructure, or commercial systems.
For example, consider where an Iranian patrol boat attempted to user lasers blind the eyes of personnel on the bridges of two U.S. Navy ships in the Strait of Hormuz and took other unsafe and unprofessional actions on December 5, 2022. While this may have had something to do with the United States’ defeat of Iran in the World Cup, it’s the perfect example of how relatively minor actions could have provoked a larger response and started a domino-effect chain of events with global geopolitical repercussions that include cyber responses. Cyber responses are frequently an easy avenue to express rebuke or aggression as they are many times under the wraps of the Internet and not as deadly as kinetic warfare.
While many of the 2022 predictions represented valid concerns, the good news is that we simply did not experience all of them in the way we envisioned. Yet, one stood out: the fact that cybercriminals will continue to adopt more sophisticated cyber strategies to do harm as they try to stay a step ahead. With this in mind, I have three additional cybersecurity predictions for 2023.
Prediction #1: New Conflicts Will Begin as Cyber Events
We’ve officially reached the point where modern warfare will most likely start as a cyber event rather than a physical (kinetic) demonstration of force. While not widely reported, this happened to Ukraine in February 2022: Russian-sponsored cybercriminals hit Ukraine’s infrastructure and other systems with crippling DDoS and other cyberattacks more than a week before the high-profile Russian land invasion on February 24, 2022.
I believe this will now become the norm. If there is a major conflict or an advance in an existing conflict, the first waves will be cyber—cyberattacks against critical infrastructure, service providers, and essential government entities. This can be an extremely effective way to disrupt communications and take important operations and services offline as well as prove a capability.
Prediction #2: The Increased Weaponization of Social Media
I also believe that we’ll see Twitter, Instagram, and other social media platforms start to be used as an actual weapon. This will evolve past the standard ways that social media platforms are used to distribute information, share videos, and solicit support and assistance during times of war and conflict. Now virtually anyone can use social media and other technology to track and target the opposition. We’ve already seen examples in the current war in Eastern Europe where both sides have used open-source intelligence from social media sites as well as IP address tracking to develop very effective bombing campaigns.
Fortunately, the United States is not in such a conflict, but the takeaway is still important for our cybersecurity defenses. Companies need to be very careful about what information they or their employees share and protect other technical details as much as possible to bolster their cybersecurity defenses.
Prediction #3: Banning of Foreign Equipment and Technology
I think we’ll start to see more scrutiny related to sanctions and even banning foreign-made equipment and technology in the United States and possibly even within NATO countries. For example, recreational drones are becoming more popular in the U.S. today, and now offer the latest advances such as high-resolution cameras that are so accurate they can use geolocation data to identify and track images within just a few feet.
However, there’s a real concern about the data these products collect, and more specifically, if it could be sent back to the countries that manufacture them. If so, what is the purpose, and what is this data being used for? It’s similar to the dilemma we’re currently facing with TikTok: Should this app be completely banned due to data security concerns, or should the United States require TikTok to establish new U.S.-based entities that won’t be allowed to share any data with their country of origin? This is a real debate inside the FCC and Congress as this article is being written.
Again, this prediction has real cybersecurity implications for government organizations, the industrial sector, and private companies. Imagine if a foreign power used data collected from products and technology that were strategically placed in the United States as part of a powerful cyberattack. It’s possible a rogue nation-state or other group could target vital infrastructure such as power and energy, gas pipelines, telecommunications, water, or even roadways—which could be devastating.
In many ways, 2022 has been a turbulent year, and unfortunately, one where global geopolitical developments could potentially put U.S. companies at more risk. For data center providers and their customers, this means now is the time to thoroughly assess their existing cybersecurity defenses. There’s a saying in the cybersecurity industry today: “It’s not if you’ll come under attack, but when.” Knowing this, while also considering where new cyberattacks could come, may help give you the upper hand against new adversaries in 2023.
Mark Houpt brings over 30 years of extensive information security and information technology experience in a wide range of industries and institutions. He is Chief Information Security Officer at DataBank.