TSCPA News

Top Cybersecurity Threats of 2023

December 6, 2022

By K2

Cyberattack statistics indicate that businesses face sustained cyberattacks, which are only increasing. So, what should we expect as the top cybersecurity threats of 2023? Predicting that bad actors will repeat the most common attacks of the past in the future is appropriate. However, bad actors continue to dream up new attack vectors. Moreover, they are improving their techniques faster than good actors can protect us.

The most common of these attacks, which cost the global economy $1 trillion last year, are:

  1. Phishing
  2. Malware
  3. Ransomware
  4. Cloud jacking
  5. Insider compromise

Each of these attacks is a combination of intelligent guessing by the bad actors and errors made by your team members. It only takes one mistake by someone in your company to let outside attacks commence, frequently circumventing all the IT protections that you have put in place. The simple days of antivirus and a firewall being “good enough” are gone. We’ll provide some action steps below to protect against common threats today.

Over the next decade, businesses will face increasingly sophisticated threats like deep fakes and AI attacks. Businesses can undertake cybersecurity best practices to batten the hatches and secure the company.

Attacks Translate to Risks

The primary reason to be aware of cybersecurity attacks is to take steps to mitigate the risks. Examples of risks and ways to reduce them include:

  1. Phishing attacks, including “spearphishing” incidents - Carefully consider how much information you should share through social media platforms. Bad actors could use that information to reset passwords or make a stranger seem like a long-lost friend. Email filtering solutions block phishing emails from reaching targeted users’ inboxes.
  2. Ransomware – You must teach users not to click on links or email attachments. You can use tools like KnowBe4, PhishMe or those included in your Microsoft 365 subscriptions.
  3. Credential compromises – Mandate password management tools, enable multi-factor authentication whenever possible, ensure team members do not share logins, and block access from unknown devices and unknown IP addresses.
  4. Poorly configured end-user devices – Properly configured end-user devices include anti-malware tools, signature-based, heuristic-based or whitelisting antivirus products, and regularly updated operating systems and applications. Further, ensure end users do not log in with Admin rights, and drive encryption, perhaps with BitLocker, is enabled.
  5. Misconfigured organizational security devices - Ensure only authorized users have physical access. Restrict the number of users with administrative rights and privileges to the bare minimum. Disable unnecessary services. Periodically conduct penetration tests. Verify routers, firewalls and other devices are appropriately configured and firmware remains updated. Finally, consider implementing a Zero Trust Security Model (ZTSM).
  6. Lack of appropriate security policies and plans in place - Get necessary security policies in place and continually update them to match contemporary risks. An excellent place to start could be The SANS Institute’s Security Policy Project (www.sans.org/information-security-policy). In addition, public practice firms are required to have a security plan, according to IRS Publication 5293.
  7. Inadequate team member training on policy objectives – You should train team members on the security policies in place. Make sure they understand why specific actions are necessary. Recognize this as an ongoing, never-ending process.
  8. Remote work environments - This is an often-overlooked area of concern that has escalated since March 2020. Remotely working team members should be held to the same security standards as those working in a corporate office. VPNs, anti-malware tools, MFA, physical control of devices, Wi-Fi security, operating system, application updates, etc., are as necessary when working remotely as in the office. Create checklists and ensure compliance with the lists.
  9. Poor backup strategies - Though not popular to say, we’re probably talking about WHEN the breach happens, not IF it happens. Therefore, focus on what recovery would look like. Do you have an updated Business Continuity Plan and a Disaster Recovery Plan? Yes, these are two different plans!
  10. Continuing to use legacy hardware and software - Your technology plan should address appropriate replacement cycles for hardware and software. “Legacy” devices and apps can create security risks. For example, maybe the manufacturer no longer makes firmware updates available. As a rule of thumb, any hardware used for over 10 years may be beyond its useful life. Likewise, any software that is no longer supported should likely be replaced.

Cybersecurity Best Practices

Consider the following cybersecurity best practices to protect your company from known and unknown threats:

  1. Look Out for Suspicious Emails
    Email phishing is the number one cyberattack vector that criminals use. After all, why break the door down when you can ask someone inside to let you in? Using anti-phishing software and training employees to identify suspicious emails can help prevent phishing incidents in your organization.
  2. Use Antivirus and Anti-malware
    Antivirus and anti-malware software might be as old as computers, but they are far from outdated. In addition, more sophisticated attacks can easily bypass this software. However, updated antivirus and anti-malware prevent 99% of attack vectors from compromising your computers and networks.
  3. Keep All Software Updated
    Outdated software allows criminals to run zero-day attacks, which exploit software vulnerabilities before a security update has been issued or installed. Consequently, keeping software updated ensures that all known vulnerabilities are secured, denying attackers a chance to exploit known vulnerabilities.
  4. Enable 2-factor Authentication for All Logins
    Two-factor authentication, or 2FA, secures logins by adding an extra layer of security on top of password security. Enabling 2FA, especially for admin accounts, guarantees that no one will access the accounts without the second authentication factor. For example, 2FA options include authenticator apps such as Cisco DUO or Microsoft Authenticator, a physical device such as a YubiKey, and biometrics such as facial or fingerprint recognition.
  5. Do Not Trust Public Networks
    Public networks like mall or airport Wi-Fi are prime places for man-in-the-middle, eavesdropping and packet sniffing attacks. Avoid using public networks whenever possible and opt for mobile networks like tethering the computer to your mobile phone. In addition, public network safety also applies to plugging your laptop into an ethernet at a public cyber cafe.
  6. Set Strong Passwords
    Weak passwords are behind many cybersecurity lapses and continue to haunt most companies. Setting strong passwords can ensure that, at the very least, brute-force attacks will not work. Longer passphrases are considered the new best practice for strong passwords. However, strong passwords must also remain confidential. Most importantly, investing in a password management service like LastPass, Bitwarden or 1Password can be helpful.
  7. Schedule Training for All Employees
    Enlightened employees are the first line of defense against cyberattacks. If they are not aware of cyber threats, they may take actions that expose the company. Further, train your employees on cybersecurity, cyber hygiene, password security and other safety practices; so they remain vigilant as they conduct their daily duties.
  8. Use Secure Cloud Backup for Important Data
    Locally stored files and data are like sitting ducks for cybercriminals. If they manage to breach your network, they will have a field day exploiting this data. Secure cloud storage solutions like OneDrive and Google Drive make it more difficult for criminals to gain access. In addition, they can help restore files lost to a ransomware attack, saving the company thousands of dollars in ransom fees.
  9. Use HTTPS on All Internet Connections
    An HTTPS connection encrypts all data traveling from one internet server to another, ensuring no one intercepting the data can see its contents. If you run an eCommerce store or any other online business that relies on sending information via the internet, ensure all connections, including your website, have an SSL certificate installed and HTTPS enabled.
  10. Consult a Cybersecurity Company or Professional
    Although most in-house IT professionals can complete all the measures above, working with a cybersecurity company or professional can be helpful. They can provide a threat analysis, offer an action plan and even help implement it. Subsequently, they can conduct periodic audits of cybersecurity measures and ensure the company remains secure.

Last Words

Applying cybersecurity best practices for business is not a project done once and completed. Instead, cybersecurity is an ongoing process owing to the constant threat of attack. Therefore, staying safe and secure remains a matter of vigilance alongside a sense of urgency in implementing the cybersecurity best practices outlined above.
As a rule of thumb, the three principal areas to remain vigilant in are: people, processes and technology (PPT). If you can cover these three fronts, you will keep your organization safe from most threats and even thwart emergent attacks.