Top 5 Most Dangerous Cyberattacks for 2023
Professional instructors from the SANS Institute recently detailed what they cite as the most dangerous forms of cyberattacks for 2023. Some of the key themes included the intersection of AI with attack patterns and the ways that attackers are taking advantage of flexible development environments.
1. SEO-Boosted Attacks
Just as regular businesses utilize search engine optimization (SEO) to boost the rankings of certain terms for the sake of marketing their products and driving traffic to revenue-generating sites, the bad guys also turn to SEO. In their case, they use it to boost the rankings of their malware-laden sites to send more victims their way.
2. Malvertising
Similar to how marketers utilize both organic search techniques via SEO and paid search techniques utilizing advertising, cybercriminals are doing the same. Drive-by attacks are also similarly fueled by malicious advertising (malvertising) campaigns that artificially boost the rankings of sites for certain keywords.
3. Developers as a Target
Developers are an extremely enticing target as they usually have elevated privileges across IT and business systems. Many systems they use can be subverted to poison the software supply chain, and they tend to work on machines that are less locked down than the average user to enable them to experiment with code and ship software daily.
4. Offensive Uses of AI
With the explosion of large language models (LLMs) like ChatGPT, defenders should expect attackers — even very non-technical ones — to ramp up their development of exploits and zero-day discovery utilizing these AI tools.
5. Weaponizing AI for Social Engineering
In addition to technical offensive uses of AI, expect attackers this year to drastically ramp up their use of AI to make their social engineering and impersonation attempts highly believable, warned Heather Mahalik, director of digital intelligence for Cellebrite and digital forensics and incident response lead for SANS.
Protect Your Organization
Organizations must stay vigilant and implement robust security measures to safeguard against these evolving threats. From security awareness training to XDR and SIEM solutions, Yeo & Yeo Technology is here to help. Get in touch.
Source: https://www.darkreading.com/attacks-breaches/sans-lists-top-5-most-dangerous-cyberattacks-in-2023