6 IBM cybersecurity predictions for 2023: Ransomware and CaaS will spike

2022 was a tough year for security teams. With the cost of data breaches rising and a wave of new threats cropping up amid the Russia-Ukraine conflict, defenders have had to stay at the top of their game. Unfortunately, new cybersecurity predictions suggest that this environment will only worsen.

Recently, IBM Security and the X-Force threat research team shared six predictions with VentureBeat for how cyber threats will evolve in 2023. 

Predictions made by IBM researchers include a rise in ransomware attacks, a boom in the cyber-crime-as-a-service (CaaS) ecosystem, and hackers innovating new techniques to exploit MFA and EDR technologies. 

Below is an edited transcript of their responses. 

1.  Ransomware attacks rebound, but not for all

“Cybercriminals look for organizations or industries that are teetering at the edge to tip them over. We saw that with manufacturing last year — a strained industry viewed as the backbone of supply chains. 

“With a global recession looming we expect to see ransomware attacks spike in 2023, except for larger organizations within regions heavily impacted during the ransomware boom. These organizations invested time and money in fighting back and are the most prepared for this next wave.” 

— Charles Henderson, global managing partner, head of IBM Security X-Force 

2. Hackers-for-hire skyrocket amid a global recession 

“The cybercrime-as-a-service [CaaS] ecosystem may balloon in the year ahead as operators offer new tools that dramatically lower the barrier of entry for less experienced/technical cybercriminals. 

“With a global recession looming, hackers-for-hire may emerge in search of quick and easy pay. And with geopolitical tensions at an all-time high, and a challenging winter ahead, we expect the biggest risk to be across Europe.”

— John Dwyer, head of research, IBM Security X-Force 

3. Social engineers set their sights on ICS systems 

“ICS/SCADA systems are essential to the daily operations of industrial manufacturers. Due to their importance, these systems have over time shifted to be a top target for attackers. 

“Yet while the tactics and techniques required to social engineer ICS systems are different from [those needed to social engineer] IT, the impact can be even more detrimental — going so far as the possible loss of life. 

“Social engineers are already beginning to advance their techniques and tactics to more successfully gain access to these vulnerable systems, and we anticipate this to accelerate — with even more success — in the year ahead.” 

— Stephanie Carruthers, chief people hacker, IBM Security X-Force Red 

4. Adversaries sidestep new cybersecurity technologies 

“Almost as fast as the cybersecurity industry releases new security tools, adversaries evolve their techniques to circumvent them — and this year will be no different, as we expect to see cybercriminals set their sights on MFA and EDR technologies specifically. 

“With attackers seeing some success circumventing non-phishing resistant MFA this past year — and more organizations relying on it than ever before — this technology will grow to be a top target next year. 

“Similarly, adversaries have been honing EDR evasion techniques and we expect to see a massive spike in the number of EDR evasion tools for sale on the dark web.” 

— John Dwyer, head of research, IBM Security X-Force 

5. Zero trust got 99 (implementation) problems 

“Now finally more than just a ‘buzzword,’ security teams will accelerate zero trust adoption plans in 2023, making several missteps along the way. 

“Without a deep understanding of trust relationships, implementations will fail, and we are already seeing security teams build ‘less trust’ rather than ‘no trust’ architectures. 

“This confusion will open the door to security gaps that adversaries may take advantage of in 2023.”

— Charles Henderson, global managing partner, head of IBM Security X-Force 

6. Specialists double back to generalists to secure the cloud in 2023

“Entering 2023, hiring the talent required to secure the cloud will be a challenge for security leaders considering the large number in very niche, specialized roles. With so many companies increasingly going all-in on cloud — and a skills crisis worsening year by year — the solution to the skills gap lies in cybersecurity generalists. 

“Organizations will recruit more generalists who have a track record of success and build up internal teams by reselling specialists back to generalists to help secure the cloud.”

— John Hendley, head of strategy, IBM Security X-Force