Attackers evolve strategies to outmaneuver security teams

Attackers are expected to broaden their targeting strategy beyond regulated verticals such as financial services and healthcare. Large corporations (41%) will be the top targeted sector for cyberattacks in 2023, favored over financial institutions (36%), government (14%), healthcare (9%), and education (8%), according to Titaniam.

The fast pace of change has introduced new vulnerabilities into corporate networks, making them an increasingly attractive target for cyberattackers. To compete in the digital marketplace, large companies are adopting more cloud services, aggregating data, pushing code into production faster, and connecting applications and systems via APIs.

As a result, misconfigured services, unprotected databases, little-tested applications, and unknown and unsecured APIs abound, all of which can be exploited by attackers.

Changing attack strategies in 2023

The top four threats in 2022 were malware (30%), ransomware and extortion (27%), insider threats (26%), and phishing (17%).

The study found that enterprises expected malware (40%) to be their biggest challenge in 2023, followed by insider threats (26%), ransomware and related extortion (21%), and phishing (16%).

Malware, however, has more enterprises worried for 2023 than it did for 2022. It is important to note that these threats can overlap, where insiders can have a hand in ransomware attacks, phishing can be a source of malware, etc.

Attackers are evolving their strategies to surprise and outmaneuver security teams, which have hardened ransomware defenses and improved phishing detection. They’re using new malware, such as loaders, infostealers, and wipers to accelerate attacks, steal sensitive data and create mayhem.

They’re also buying and stealing employee credentials to walk in through the front door of corporate networks.

2 in 3 companies report 2022 breaches

Nearly 65% of companies were breached in 2022 as attackers exploited process gaps and security vulnerabilities to access networks. While no corporate security team wants to detect a breach, they’re doing it faster, thanks to security platforms that use automation and artificial intelligence to detect anomalies amidst noise and speed security operations processes.

Among those breached, 91% of security operations teams detected the incident within a week, while 100% identified it within a month. Less hacker dwell time in networks means less damage for these companies.

Attackers target high-value data for exfiltration

However, attackers are also getting smarter. Once inside corporate networks, they move swiftly to target and exfiltrate high-value data, including data crucial to the organization (57%), intellectual property (57%), and personal identifiable information (PII) or sensitive PII (38%).

Structured and unstructured data are at risk

In 2022, structured data was more at risk than unstructured data for malicious exfiltration. Attackers targeted structured data used in databases such as Oracle and Microsoft Azure SQL Server (68%) and for analytics in web platforms such as Databricks (63%).

However, attackers also searched for unstructured data used in applications (57%) such as Amazon S3, Microsoft Azure Blob and created by users (50%) in tools such as Microsoft OneDrive, Microsoft SharePoint, and others.

Moving into 2023, attackers will target structured data used for analytics (68%) over that used in databases (62%). They’ll also target unstructured data created by users (58%) over that created by applications (54%) or other sources (16%).

Analytics and user data reveal corporate intent, providing a lens into strategies, plans, product launches, partnerships, and other information of interest to attackers, such as nation-states, cybercriminals and more.

Data protection is the new #1 security priority

Protecting data enables large companies to safeguard their plans and intellectual property. Thus, it’s not surprising that protecting data (31%) has emerged as the #1 security priority for 2023, ahead of preventing ransomware, data exfiltration, and extortion (27%), staying ahead of malicious attacks (23%) and other objectives.

To realize this goal, 92% of teams plan to increase their security measures in 2023, while 97% will explore new solutions.

Data security rose to the top of the priority list for 2023 with over 30% of participants checking that as their most important upcoming project. This was followed closely by ransomware and extortion defense at over 25%.

Security teams should look for a data protection platform that uses encryption-in-use, tokenization, and other techniques that safeguard data throughout its lifecycle while still retaining rich data usability such as search and analytics.

By doing so, organizations can protect themselves against data exfiltration and ransomware demands.