Intel 471, a provider of cyber threat intelligence for leading intelligence, security and fraud teams worldwide, released “The 471 Cyber Threat Report; 2022-2023 Trends & Predictions.” The research analyzes recent and commonly used tactics, techniques and procedures (TTPs) that have been adopted by prominent threat actors, how these threats have affected enterprises, along with predictive intelligence assessments on threats that organizations should be prepared to thwart over the next year.
The report details the most impactful threats that fueled the cybercrime ecosystem over the past year and the TTPs the actors employed behind them. It provides recommended steps organizations may want to take to protect themselves against existing and emerging threats on the horizon.
“It is important to not only draw attention to the TTPs commonly used by the most capable threat actors but also to provide rich context for how these TTPs can impact organizations at every stage of the cyberattack chain, and how they can be countered by tactical defenders and senior decision-makers,” said Intel 471 Chief Intelligence Officer Michael DeBolt. “The findings of our latest research will help arm organizations with the adversary, credential, malware and vulnerability intelligence they need to refine their cyber defense strategy, adjust their security practices and prepare for 2023.”
Other key takeaways from the report include:
- Prominent cyber threats observed include compromised access and data, ransomware, return of Emotet malware and exploitation of vulnerabilities – Many of these can be mitigated with a comprehensive identity access password program and a patching and update policy, as well as continuous monitoring for compromised credential breaches across third parties.
- Evolving threats included hacktivism, one-time password (OTP) bypass services, supply chain attacks and information-stealer malware – It is crucial to foster a culture of cybersecurity awareness to combat employee negligence synonymous with OTP and information stealer malware.
- The threat landscape will continue to be shaped by an increase in ransomware attacks and a demand for network access, threat actors will persist in capitalizing on security vulnerabilities and hacktivism will likely remain a threat.
Intel 471 also identified cyber threat trends that likely will dominate in 2023 and beyond:
- As prominent ransomware groups such as LockBit continue to offer evolving products with targeted services, vulnerabilities have reduced in quantity while increasing in severity.
- World events have complicated the threat landscape, with Russia’s invasion of Ukraine acting as a catalyst for further polarization of the underground. The most prolific threat to date has been KillNet, a pro-Russian group that gained notoriety through orchestrating distributed-denial-of-service (DDoS) attacks against pro-NATO countries and organizations.
- Threat actors monetized criminal services to great success in 2022. Multi-factor Authentication (MFA) is a common security practice, and threat actors are turning to OTP bypass services to circumvent this layer of security.
- The use of information-stealers will continue into 2023.
The report also includes case studies on LockBit 2.0, the most impactful ransomware strain observed by Intel 471 from November 2021 through May 2022, and the release of version 3.0, which is shaping up to be as impactful as 2.0..
To help organizations protect themselves from threat actors and their evolving TTPs, “The 471 Cyber Threat Report” includes mitigation recommendations to help organizations and their security teams harden their security practices, detect potential threats and isolate their sensitive information to avoid falling victim to new ransomware strains and malware.
Download the full report here.
Learn more at https://intel471.com/.
