Mandiant releases 2023 predictions for cyber threats


Threats evolve, attackers constantly change their tactics, techniques and
procedures, and defenders must adapt and stay relentless if they want to keep
up. Mandiant’s forecast aims to help the cyber security industry frame its fight against
cyber adversaries in 2023. Read on for Mandiant’s 2023 predictions.


More Attacks by Non-Organised Attackers and Non-Nation
State Attackers

In 2023 we expect to see more intrusions conducted by non-organised attackers
and non-nation state attackers. More of the threat actors operating out of North
America and Europe will likely be younger, and conducting intrusion operations not
because they’re interested in making money specifically, or because governments
have tasked them with doing it, but because they want to be able to brag to their
friends or boast online that they’ve hacked into and brought embarrassment to
prominent organisations. While they will be happy to achieve financial gain, that
may not necessarily be their lead motivation.

Europe May Surpass the United States as the Most Targeted
Region for Ransomware

Ransomware continues to have a significant impact on businesses across the
globe. While reports show that the U.S. is the country most targeted by ransomware
attacks worldwide, small indicators show that ransomware activity is decreasing
in the United States and growing in other regions.2 In Europe, the number of victims
is increasing, and if that increase continues, Europe will likely become the most
targeted region in 2023. The United States has been very outspoken on policies,
sanctions and the potential of a response in the cyber domain concerning
ransomware and other attacks. However, it is hard to conclude if the more
aggressive stance on ransomware actually deters attacks.

More Extortion, Less Ransomware

Historically, cyber criminals have used ransomware to monetise access into
a victim’s network. Due to several high-profile and visible breaches last year,
organisations see mitigating brand damage as a much more compelling reason
to pay a ransom than regaining access to encrypted systems. Over the next year,
we will continue to see criminals rely on extortion, but actual ransomware
deployments may decline. Ransomware-as-a-service (RaaS) providers will
modernise their software to focus on data exfiltration and “leak sites” for
public shaming.


Mandiant’s report also goes into detail about the rise of Iran as a state-based actor on the cyber threat landscape, the increasing aggressiveness of China, and of course the Russia and Ukraine state of affairs.

See the full report here: