Cyber threats organizations should keep an eye on in 2023
In Malwarebytes’ most recent report on the current state of malware, the company has identified several high-profile cyber threats that organizations should be on the lookout for in 2023.
The 5 most important cyber threats
LockBit, an affiliate-based ransomware variant, has dominated the 2022 threat lascape, and it has affected hundreds of businesses of all sizes. “Since April 2022, one in three known ransomware attacks has involved LockBit“, the report revealed.
Two of the currently most threatening malwares are Emotet and SocGholish. Emotet, a trojan that steals infromation and delivers malware, has the ability to spread easily and is hard to remove.
SocGholish uses social engineering and users’ security awareness to access computer systems. It usually masquerades as a critical browser update and, once installed, the criminals can download remote access trojans (RATs) or spread ransomware throughout the network.
“In the battle against malware, Android is the forgotten front line. Android droppers represent a category of malware that highlights the danger of overlooking protection for the world’s most popular operating system,” Malwarebytes’ analysts pointed out.
Android droppers usually come disguised as bening apps, available on third-party app stores or even on Google Play. When downloaded, they drop additional malware into the system.
MacOS malware is not so common, but the threat cannot be ignored. The one piece of macOS malware organizations should keep an eye on is OSX.Genieo, a browser hijacker that intercepts users’ web searches and injects its own intrusive (and potentially malicious!) ads.
Finally, since Microsoft blocked macros in Office documents, cybercriminals have been switching to new ways and techniques to get through to victims: LNK files, disk image files (ISO, IMG, NRG, BIN, etc.), archive files (ZIP, RAR, 7Z,TAR), QR codes, OneNote files.
Old habits die hard – for a reason
Cybercriminals are still leveraging old tools and tactics because they still work (well enough). They are just updating and perfecting them.
Organizations should set up defense systems and keep them up to date, but they must also have skilled professionals who will keep an eye on rising trends in the threat landscape and are capable of identifying and eliminating intruders.