The future of cybersecurity: Hacking the cloud
Grant Gross
Video Embed
As the world moves further into 2023, cybersecurity experts are starting to see some trends in the way hackers will operate this year, with more attacks on information stored in the cloud on the way.
To be clear, criminal hackers will continue to use many of the same methods and attacks they have in recent years. Ransomware will still be a major way for them to make money going forward, and phishing will continue to be used to gain access to personal data or corporate networks, some cybersecurity experts said.
NORTH KOREAN HACKERS BEHIND $100 MILLION CRYPTO THEFT, FBI SAYS
However, some see a growing move toward attacks on cloud infrastructure as many organizations move more data to the cloud, often public clouds operated by large technology providers.
“There will likely be more focus on attacking workloads running in cloud services or attacks exploiting [continuous software deployment] infrastructure,” said Adam Crosser, staff security engineer at Praetorian, a cybersecurity vendor.
As Praetorian simulates attacks against its clients, “there is often a need for more visibility into the security” of company systems focused on the continuous integration and delivery of software, he added. In many cases, these continuous delivery systems are operated in the cloud.
“Usually, a weak link can be leveraged to escalate privileges within an environment,” Crosser said. “Part of this is attackers meeting organizations where they are, so many shifts towards cloud-native applications and development would also lead attackers to focus more on attacking services within those environments.”
Still, criminal hackers are generally motivated by money, and if current techniques are profitable, they see no need to change tactics, Crosser added. While hacking gangs constantly evolve, what “drives their evolution is all about how much money they can make,” he said. “Until their typical playbook becomes unprofitable, they’ll keep running it, over and over, and continue monetizing their expertise.”
This means common attacks like ransomware and phishing aren’t going away but with modifications, said Dr. Ehud Ben Porat, head of security awareness at ThriveDX, a tech skills training provider.
“Cybercriminals are always changing their techniques,” he said. “We also see more sophisticated attacks on the horizon that will develop with the increasingly globalized workforce, recent trends in layoffs, new technology innovations, and other evolutions.”
For example, ransomware attacks are likely to become more sophisticated, with attackers targeting people, businesses, and entire municipalities, he said. In some cases, criminals are not only encrypting the comprised data, but they are storing it in a new location, giving companies more incentive to pay.
Meanwhile, phishing and other social engineering techniques are becoming more targeted and sophisticated, Ben Porat added. Attackers are using more advanced techniques like spear-phishing, or phishing emails targeted to specific people; vishing, which is the voice call version of phishing; and smishing, involving text messages.
Ben Porat also sees the possibility of hackers using artificial intelligence like ChatGPT to write malicious code.
Still, with recent attention on ransomware, some hackers may look for new ways to find victims, said Anand Raghavan, co-founder and chief product officer at Armorblox, a secure email provider.
“With cyber insurers and regulators clamping down on ransomware, we expect to see a continued move away from ransomware to easier categories of attacks like business email compromise or vendor fraud,” he said. “It has never been easier for attackers to use email providers to create free email accounts and launch impersonation attacks against organizations.”
Like Ben Porat, Raghavan sees hackers embracing ChatGPT, predicting they will use it to help them with their phishing and related schemes.
“With ChatGPT, they do not even need to be native speakers of English to be able to craft well-written email messages,” he said. “Until organizations find ways to protect themselves against these kinds of targeted attacks, money lost through [business email compromise] and vendor fraud will continue to increase over the next few years.”
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
In addition, many hackers are beginning to develop patience, Raghavan said.
“Over the past couple of years, we have seen a move away from launching an attack right after compromising an account to a long-game approach where the attackers squat on the account and observe communication patterns, discover more about the organization, the entities they work with, and the compromised user, and then wait for the right time to launch an attack that gives them the most benefit,” he said. “This long game allows for the attacker to be present inside of a corporate network to steal as much information as possible.”