James Muir, Threat Intelligence Research Lead at BAE Systems Digital Intelligence, considers four areas which will affect the cyber resilience landscape during 2023.
Adversarial AI reaches a tipping point to become a real-world concern
There is still little evidence around the use of AI for launching cyber attacks. A more concerning aspect to consider, however, is the field of adversarial AI, whereby target AI systems are exploited as part of an attack.
In 2023, it is possible that this type of threat will reach a ‘tipping point’, moving from being mainly an academic matter to a real-world concern. We can expect to see more attempts from cyber criminals to poison training data and confuse AI systems with special inputs.
One way an adversarial AI attack could lead to real-world consequences is if vulnerabilities are found in widely-used AI frameworks or codebases. It is likely that attackers will develop easy-to-use tools to exploit these vulnerabilities, potentially opening up a whole new class of attack. How and when this may happen remains unclear, but the creation of new security policies to mitigate potential threats will become increasingly important.
Developments within the cyber insurance market will have serious, knock-on impact effects
In 2022, the rising threat of ransomware attacks led many insurers to raise premiums and reassess coverage. Going into 2023, Lloyd’s of London announced that its insurance policies will no longer cover losses from state-sponsored cyber attacks, effective from March. We can expect these dynamics to heavily impact organizations. Many will find themselves without appropriate coverage, requiring the use of emergency incident response services outside of their existing arrangements.
The change in cyber insurance policy could also affect government-led attribution of cyber attacks to state entities, which is often a challenging task in itself. All of these factors combined means that if a NotPetya style incident were to occur, the repercussions could be severe.
Energy security and cyber security to converge
As additional focus is placed on building a more sustainable future, the motivations for energy-related cyber attacks will likely increase across the entire threat landscape. At the low end of sophistication, we have already seen numerous scams related to energy bills, including fake emails or texts to steal individuals' personal information. At the high end, the potential for state actors to disrupt energy networks looms large in certain regions.
As companies across the globe look to green agendas and innovation in 2023 and beyond, new opportunities for threat actors will doubtless arise. Next year, we could see actors find other links between energy security and cyber security, such as espionage efforts into green technology or energy policy, along with environmental hacktivism.
5G rollouts will widen the attack surface
Predicting the direction of travel for the 5G threat landscape is not a straightforward task. The 5G standard itself offers significant security improvements compared to its predecessors like 4G and LTE. But the infrastructure required to implement full 5G rollout – with increased dependence on IT, as well as virtualization and cloud infrastructure – could increase the attack surface and expose vulnerabilities.
When looking at radio access networks (RAN), for example, security researchers have pointed to poorly configured virtualized environments in existing OpenRAN deployments, including numerous issues in Kubernetes configurations.
On the core network side, as the rollout and implementation of new features becomes more complex, it is possible that we’ll see security misconfigurations that impact wider 5G networks. Adopters of 5G must therefore pay greater attention to the risks surrounding 5G security, with specific high-threat use cases – such as military scenarios – having been discussed in whitepapers this year, including CCDCOE’s research report on Military Movement Risks From 5G Networks.