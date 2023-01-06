In 2022, there were 21,000 Common Vulnerabilities and Exposures (CVEs) registered according to Barracuda. Many of them were classed as ‘critical’, and many were actively exploited by attackers.

Barracuda Networks, a cyber security firm, revealed threat predictions that would leave the organisations exposed in 2023. As part of the threat forecast, Barracuda turned to the professionals on the security frontline and asked them about the things they witnessed in 2022 and to identify a series of vulnerabilities and attacks that shook large enterprises.

In 2022, geopolitical conflicts further reminded that cyber threats have no borders and just how vulnerable the world is to cyberattacks. Against this backdrop, some of the top cyber threat trends that organisations need to be ready for in 2023 are Ransomware, Zero-Day Vulnerability, Supply Chain attacks, and Credential theft amongst others.

Barracuda said that with the increasing frequency, Ransomware will still be an issue. “2022 was the first time when targeted ransomware attacks were witnessed against individuals based on their personal social media profiles. We have witnessed an increased use of wiperware. In 2023, this wiperware emanating from Russia will likely spill over into other countries as geopolitical tensions continue,” the company added.

With the ransomware-as-a-service business model taking off and the recent build leak of LockBit 3.0, a new generation of smaller and smarter gangs is likely to steal their limelight in 2023. During the year, organisations will experience an increased frequency of ransomware attacks with new tactics.

In 2022, there were 21,000 Common Vulnerabilities and Exposures (CVEs) registered according to Barracuda. Many of them were classed as ‘critical’, and many were actively exploited by attackers. There were also a number of popular third-party software libraries that had critical vulnerabilities reported. Organisations need to have a team in place ready to patch software and remediate.

Account takeover continues to be a low-hanging fruit for attackers and a top-of-mind risk for organisations, Barracuda said. These credentials open the door for remote access, email and corporate web applications storing customer data. “We have seen impersonation techniques and spear phishing attacks constantly evolve and with multifactor authentication (MFA) fatigue attacks, they are having more and more success,” it added.