BAKU, Azerbaijan, January 23. The tense political situation both in 2023 and in the upcoming years is going to result in an increased number of cyberattacks on the energy, telecommunications, and industrial infrastructures, the computer forensics laboratory of the Russian Group-IB company told Trend.
According to the company, powerful DDoS (Denial of Service) attacks and leaks of confidential information are expected, as are large financial embezzlements.
"There may be huge numbers of DDoS attacks by hacktivists in order to disable the telecommunications systems. Threats to telecommunications companies from cryptographers will decrease – extortionists' interest in this industry is fading," said the company.
It was noted that the popularity of remote work increases the risk of compromising corporate data. It is easier for criminals to gain access to the company by attacking poorly protected employees' home routers and data storage systems.
"Furthermore, the criminals will use relatively simple methods in order to access the network. An example will be RDP (Remote Desktop Connection) access. Employees of companies and social engineering will be used more often as a vector of the initial attack. New frameworks, such as Industroyer2, are expected to be used to control controllers and attempt to cause blackouts," the company added.
It was also noted that the Lockbit, Hive, and BlackCat criminal groups will continue to lead among cryptographers and will keep improving their malware and tools to access networks.
"Only strong and stable players will survive in the encryption industry. Small groups will disintegrate, while their participants will join larger groups. Both the number of attacks and the number of teams will grow. In addition, the US will retain leadership in the number of attacked companies," said the company.
The company also noted that the attackers will more often use authentication data obtained from stealers as initial access.
"The industry will remain the most attacked sector. The groups will continue to develop the internal structure, creating even more research units specializing in finding zero-day vulnerabilities (vulnerability in a system or device that has been disclosed but is not yet patched)," the company concluded.