The information security landscape is constantly changing. Year over year we are seeing an increase in successful attacks made against SMB's utilizing the same attack vectors in addition to more advanced tactics. In fact, according to CISA and Checkpoint Security, attacks against U.S. SMB's have increased 7% while the number of successful attacks has risen at an even faster rate. It is important now more than ever to stay up to date on the trends and common threats SMB's will continue to face in 2023. In this blog, CorpInfoTech seeks to inform businesses on what they should keep an eye on in the upcoming year based on what we have seen in Q1.
The term "A.I." has begun to move out of the realm of science fiction and into the modern business environment as Large Language Models (LLMs), such as OpenAI's "ChatGPT" has brought to light a multitude of security concerns. LLM technologies have empowered bad actors to create more realistic social engineering schemes to better fool individuals into clicking a link or downloading malware. Additionally, A.I. has allowed cyber criminals to automate their attacks and drastically increase their efficiency. Even adversaries with low technical capabilities are able to conduct more sophisticated cyber attacks than previously thought possible. A.I. will continue to evolve at a rapid rate in the coming years and if businesses aren't prepared to combat the potential threats it brings with it, then cyber criminals will continue to utilize this technology to their benefit.
Supply chain attacks are a common attack vector in which cyber criminals target third-party vendors in order to gain access to the targets organization. These attacks are becoming more and more common as mid-market commercial organizations often lack the resources to effectively assess their vendors' security posture. There are many risks that are introduced into an organization via their software supply chain, and CorpInfoTech has been wary of these techniques for a long time. Remote Management and Monitoring software (RMM) have historically been utilized in these attacks as they give attackers access to their targets network through their third-party vendor.
The as-a-service model has become increasingly utilized by very capable bad actors. This business model provides services that range from Initial access brokers (IABs) to phishing platforms that anyone can utilize. Ransomware-as-a-service is perhaps one of the most common variations of the business model. More sophisticated attacks will sell their brand of ransomware as a service to less technically capable attackers for a fee. This drastically lowers the barrier of entry in terms of technical skills for attackers.
These are just a few of the trends CorpInfoTech has seen in the first quarter of 2023. We will continue to update you, and provide more information regarding what we believe businesses will need to look at in the coming months.
CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. CorpInfoTech can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.