These are the biggest cyber threats that will also affect you in 2023

Digitization continues inexorably and with it the IT risks are also increasing. In a report published Monday, Swisscom provides an overview of the current and future threat situation.

watson summarizes the main findings.

The concrete danger of generative AI

That AI will soon take over the world and wipe out humanity is of course nonsense. But very real dangers already exist.

Since its launch, ChatGPT has impressively demonstrated what a well-trained AI chatbot is capable of today. And like many other ingenious tools, it can be used for abusive purposes. In their current report, Swisscom’s IT security experts predict “an increasing amalgamation of targeted attacks with AI-generated phishing emails”.

Another development direction for the malicious use of language model AIs is their ability to analyze software for vulnerabilities and then program malware to exploit the vulnerabilities found. The required knowledge of attackers to carry out complex attacks is thus further reduced.

And the good news?

AI technology can be used not only by attackers, but also for defensive purposes.

Worrying trend in ransomware attacks

Ransomware attacks are one of the biggest IT risks today and we read about new, potentially devastating hacker attacks almost every day.

The Swisscom report indicates that many companies and organizations have upgraded and evolved. Therefore, ransom payments are decreasing as a result of ransomware attacks.

However, the cat-and-mouse game between attackers and defenders continues. The big problem from a defender’s point of view: if you make a mistake, you have to expect serious consequences. The tough, calculating cybercriminals also realize this, who behave more and more professionally and adapt to the situation: some of the most dangerous gangs, such as ALPHV, LockBit or BianLian, act even more aggressively after attacks and try to pressure the victims with threats.

The sobering conclusion of the Swisscom experts:

The amount required usually depends on the size of the company and is about three percent of sales. However, it is important to note that the ransom paid is often only a fraction of the cost caused by the attack.

Swisscom warns that the biggest challenge for the future will be the increasing specialization of attackers and the associated complexity of their attacks. The biggest threat already comes from ransomware-as-a-service offerings. “The ransomware groups no longer penetrate companies themselves, but rent their encryption malware and their server and support infrastructure to other attackers.”

And the good news?

IT security can be increased with several measures that are now considered industry standard.

Swisscom manager Marco Wyrsch says:

And that brings us to the last point:

The skills shortage continues, but…

As the threat of ransomware gangs and other IT security threats will certainly not diminish, the demand for well-trained specialists is increasing.

Given the increasing number and complexity of attacks by state and private sector cybercriminals, the global shortage of security experts is already being felt in many companies and organizations, the Swisscom report states.

And the good news?

In a constant battle for talent, a company can exhaust itself trying to work in the empty job market. Another variant is to look inward and invest in the further training of your own employees.

In addition to the appropriate wage, employers could also score points in terms of the working environment and the compatibility of work and family. The possibilities here are diverse: flexible working hours, home office models, short-time working with the same salary, etc.

Sources