PREDICTION 1
Accelerated 5G adoption will deepen vulnerabilities
5G connections in Asia Pacific (APAC) are expected to reach 430 million in 2025, up from 200 million at end-2021, according to a recent report by the industry association GSMA. In Singapore, Singtel has reached 95% of 5G coverage nationwide, ahead of the regulatory target of 2025, with plans to expand standalone 5G coverage to its seaport by 2025.
Threat scenario
- Modern 5G delivery infrastructures are built on cloud architectures. While cloud provides greater agility, scalability and performance, it also exposes the 5G core to cloud security vulnerabilities. Large-scale attacks could come from anywhere, even from within the operator’s own network.
- 5G mobile networks will support the verticalization of services across industries and the development of Industrial IoTs, smart factories, and other new use cases. These unprecedented 5G innovations are prime targets for evolved ransomware attacks that could cause costly disruptions.
- With the advent of 5G speeds, and more edge devices in the mix, bad actors will have several entry points and tremendously high network speeds to launch cyber-attacks.
PREDICTION 2
Securing connected medical devices will be critical
Digitisation is enabling brand new capabilities for healthcare eg virtual healthcare and remote diagnosis. The prevalence of legacy systems and sensitive data that is attractive to cyber criminals is making healthcare a soft target and cyber threat actors will be focussing on it. In fact, the closer a device is to a patient, the more likely it is to impact patient safety and also the more likely a threat actor will weaponise it. Ensuring the cybersecurity of medical IoT will be important as ever for patient safety.
Threat scenario
- During the pandemic, technology was used extensively to help in the fight against Covid. We saw the growth of contact tracing apps, connected health scanners, telemedicine, etc. Also proven during the pandemic was the fact that cyber attackers have no qualms about disrupting critical healthcare functions for illicit gain.
- Adoption of medical IoT is also trending up. A recent assessment from Palo Alto Networks revealed an alarming 75 percent of medical infusion pumps scanned had known security gaps that could be compromised by attackers. Expanding the mandate of Cybersecurity Departments to include securing medical IoT and OT will be required.
- It will not just be enough to secure the medical devices, but also the need to secure the huge mass of patient data as well as their digital health records. In addition to stealing the data, attackers could encrypt the data for ransomware causing life-threatening issues at healthcare facilities.
PREDICTION 3
Cloud supply chain attacks will disrupt businesses
As companies adopt cloud native architectures, they are also inherently consuming third party code into their critical applications. Log4J recently demonstrated how many organisations can be immediately vulnerable due to a piece of dependent code tucked deep into the software packaging process. We have also seen attackers targeting the volunteers who maintain these open source code constructs to infiltrate organisations through the package update processes. This issue falls under the cloud supply chain and we will see more disruptions in the coming year(s) on this front due to cloud adoption trends.
Threat scenario
- Cloud applications are built on countless code packages that have downstream dependencies on a myriad of opens source code. Open-source software could contain unpatched vulnerabilities or even hidden malicious code.
- The scope of cloud supply chain vulnerabilities is not only limited to applications. Most organisations are now adopting Infrastructure-as-Code to automate environment buildouts. Palo Alto Networks scanned a popular public IaC repository to find 64% of these templates had at least one high or critical insecure configuration.
- There’s also a broader concern that open source code is prevalent across all cloud and software service providers. An issue within a popular code snippet could literally impact the entire cloud ecosystem.
PREDICTION 4
The debate on data sovereignty will intensify
As the world becomes more reliant on data and digital information, the volume of regulations and legislation emanating from a desire to control and protect citizens and ensure the continued availability of critical services will increase. As a result, the conversations around data localisation and data sovereignty will likely intensify in 2023.
Threat scenario
- Recent years have seen a global trend towards various governments adopting data localisation policies. There are mixed motivations for data localisation policies, which can center on the misunderstanding that data localisation is better for privacy and cybersecurity.
- Data privacy and protection becomes a point of contention when users’ private and confidential information is assumed to be accessible, ready to be examined and shared for user behaviour analysis, advertising, surveillance, and other covert objectives.
- Data localisation laws or policies that restrict the cross-border flow of security data can deprive organizations of the benefits of real time, globally deployed preventative defenses and security, and of the ability to correlate information about cyber threats in real-time using artificial intelligence/machine learning (AI/ML) in a security context. This is needed to combat evolved attackers that exploit our siloed approaches.
PREDICTION 5
Metaverse to be the new playground for cybercriminals
With an estimated $54 billion spent on virtual goods every year, metaverse could open up a new playground for cybercriminals. The immersive nature of the metaverse will unlock new opportunities for businesses and consumers alike, as it allows buyers and sellers to connect in a new way. Companies will take advantage of mixed reality experiences to diversify their offerings and cater to the needs of consumers in the metaverse.
Threat scenario
Metaverse implementations can be attacked at four essential layers: platform, conduit, edge and users.
- Platform – most metaverse platforms will be built on cloud architectures (public or private) and are susceptible to cloud-based attacks.
- Conduit – metaverses will interact with other platforms via APIs and other bridging protocols. These connections will be a target of attack. In particular, the conduits that are bridging cryptocurrencies between metaverses.
- Edge – Consumers will require some kind of wearable hardware, such as smart glasses or headsets, to be fully immersed in the metaverse. These IoT devices will be vulnerable to endpoint attacks and may lead to data and privacy breaches.
- Users – The expanded use cases for our digital identities will make them even more attractive for cybercriminals to exploit.
