LockBit, Extortion, and Mis-Information Campaigns: 2023’s Biggest Threat Intelligence Predictions 

Staying One Step Ahead of Emerging Threats

2022 will be remembered most notably for Russia’s invasion of Ukraine and the major effects it had on cyber threats. Throughout the year, the attack statistics remained astoundingly high with a ransomware attack happening every 11 seconds, up from 39 seconds in 2020 (CISA). Once detected, it takes an average of 287 days to identify a data breach (IBM). And according to research provided by the joint FBI and CISA cyber awareness task force, nearly 43% of cyber-attacks target small businesses (securityandtechnology.org).
 
Our Cyber Threat Intelligence (CTI) team stays one step ahead of emerging threats with our extensive research, providing threat intel that enriches our ability to quickly develop and deploy new detections to prevent breaches and reduce attacker dwell time. Based on what we saw in 2022 and our current findings, these are the top threats we predict as the most prevalent in 2023 – and how you can protect your organization. You can get the full guide with all our 2023 threat intelligence predictions and details by clicking here.

Top Threat Intelligence Predictions for 2023: 

1. LockBit will continue to be the most prolific ransomware group, targeting small and medium sized businesses. The LockBit ransomware operation is malicious software that blocks user access to computer systems in exchange for a ransom payment. The threat stayed busy in 2022, clocking nearly 1100 victims. It’s a possibility that law enforcement agencies in the West may be more focused on addressing issues related to international conflict, like Russian nation-state sponsored activity, and will have less resources available to devote to combatting cybercrime. Therefore, unlike other ransomware groups prioritizing highly impactful critical infrastructure targets, LockBit will likely continue to avoid detection by law enforcement and target small and medium-sized businesses.
    

2. Cyber extortion will focus almost exclusively on data exfiltration. Organizations are starting to discover methods to capture encryption keys from ransomware variants as they run, which allows victims to quickly decrypt data without paying the ransom. As a result, expect actors to steal data and demand ransom to prevent disclosure. Given that the average cost of a data breach in 2022 was just shy of 4.5 million dollars (IBM), many cyber criminals are moving solely to exfiltrating data as the preferred method of extortion.
    

3. Mis/dis-information campaigns will make a comeback. As the United States gears up for the 2024 presidential election, we expect to see a massive resurgence of mis/dis-information activity online and across social media platforms. These campaigns aim to spread false or misleading information through memes, videos, fake accounts or deepfakes. We predict Russia and China are likely to spread divisive political material this year and next, and expect that these campaigns may focus on issues such as the COVID-19 pandemic, Taiwan’s independence movement, and the United States’ role in a hypothetical war in Europe.

While threats are constant and evolving, you can combat them and protect your organization through empowering your employees to recognize phishing techniques and strengthening your cybersecurity infrastructure with a trusted Managed Detection and Response (MDR) provider. We’d love to tell you more about how we can help you simplify breach prevention and stop business disruption.

Download our latest 2023 Threat Intelligence Predictions Guide to get all five major threat intelligence predictions and learn how to best protect your organization this year, including additional information around nation-state motivations, deepfakes and the industries most at risk.