2023 cybersecurity faceoff: Hybrid workers vs the onslaught of cyber threats

• In the upcoming year, threat actors will increase their efforts to exploit security flaws in the cloud, software supply chain, and home office.
• 42% of Malaysian respondents indicated their company’s security posture is secure for teleworkers.

As many people work remotely, cyber threats have become increasingly severe and frequent. Cybercriminals frequently target remote workers because they believe they are easier targets and lack the level of security protection of a traditional office setting.

Users have embraced new forms of contactless technology, and businesses and governments have been shifting more and more into the cloud over the past few years. Companies’ growing digital footprints increase their attack surface, exposing security flaws that cybercriminals are eager to exploit.

Remote workers may experience various detrimental effects from cyber threats, including the loss of confidential information, monetary loss, and reputational damage – this will likely continue in 2023 if remote workers aren’t properly cyber aware.

In a recent report titled Future/Tense: Trend Micro Security Predictions for 2023, Trend Micro warned that in the upcoming year, threat actors will increase their efforts to exploit security flaws in the cloud, software supply chain, and home office.

Hybrid workers have changed the cybersecurity landscape

Goh Chee Hoh, Managing Director for Malaysia and Nascent Countries at Trend Micro, claimed that since the end of last year, businesses in Malaysia have either gone back to the office, made the switch to remote work permanently, or chosen a hybrid of the two. However, these arrangements take workers away from the security of a more secure and controlled IT environment at work.

According to the Trend Micro Cyber Risk Index for the first half of 2022, 42% of Malaysian respondents indicated their company’s security posture is secure for teleworkers. Still, just 39% deploy a fully encrypted tunnel for all devices used by their employees away from their physical offices.

“Renewed threat actors focus on unpatched virtual private networks (VPNs), connected home office devices, and back-end cloud infrastructure in 2023. In response, organizations will need to focus on helping overworked security teams by consolidating attack surface management and detection and response to a single, more cost-effective platform,” said Goh.

Since several corporate networks might be targeted using a single solution, VPNs make for a desirable target. Home routers will also be singled out because central IT frequently neglects to patch and manage them.

In addition to the threat posed to hybrid workers, the report predicts many developments that IT security leaders should be aware of in 2023, including:

• Ransomware-as-a-service (RaaS) organizations may reconsider their business model as the effect of double extortion diminishes. While some might focus on the cloud, others would avoid ransomware altogether and try to make money through other types of extortion, such as data theft.
• Using “living off the cloud” approaches to evade detection by traditional security measures may become the standard for groups attacking cloud infrastructure. An example would be downloading stolen data into the attacker’s storage location utilizing a victim’s backup software.
• The emergence of deepfake-based business email compromise (BEC) and the availability of BEC-as-a-service will boost social engineering.
• Risks associated with connected cars include attacks on cloud APIs that stand between embedded SIMs (eSIMs) in vehicles and back-end application servers. In the worst-case scenario, attacks might be used to access vehicles (e.g., the Tesla API). Malware that resides in open-source repositories may also affect the connected car industry.

How can organizations mitigate these emerging cyber threats?

Cybercriminals are more organized and skilled than ever, and their business models are created with a focus on broad market penetration and attractive financial objectives. Essentially, organizations will also need to be more organized. They can do that by integrating critical approaches in their cybersecurity strategy, such as zero-trust solutions designed to minimize damage without compromising user productivity based on the mantra “never trust, always verify.”

Secondly, encouraging employee training and awareness-raising to transform a security chain’s weakest link into a strong point of defense.

In addition, consolidate attack surface monitoring, threat detection, and response functions onto a single security platform. This approach will ease the workload on security teams, keep defenders fresh, and help businesses better detect suspicious activity across their networks.

Last but not least, integrate a software bill of materials (SBOM) for each application to speed up and improve vulnerability management by providing visibility into code created internally, purchased from businesses, and assembled from outside sources.

---

---

---

---