Splunk 2023 predictions: The rise of cybercrime-as-a-service and why organizations should be aware
- Ransomware attacks have affected 79% of enterprises worldwide
- The deluge of ransomware attacks hasn’t subsided, and educational institutions are particularly at risk because K–12 schools are the most popular targets
When talking about as-a-service model, consumers think of its flexibility since they can pick the service level that best suits their needs and can simply scale up or down as necessary. However, nowadays, it’s just being used for all the wrong reasons – precisely, malicious reasons. Cybercrime-as-a-service has proliferated in recent years because it makes it possible for people with no technical expertise to participate in illegal activity.
Not the as-a-service people want to encounter.
Cybercrime-as-a-service poses a threat because it makes it possible for various people and organizations to engage in harmful online activity, making it challenging for law enforcement to detect and stop. People and businesses must be aware of the risks posed by cybercrime-as-a-service and take precautions to protect against them.
According to research from Splunk’s 2022 State of Security report, ransomware attacks have affected 79% of enterprises globally. Of the victim cohort, 35%, or over half, reported that an attack caused them to lose access to data and systems.
There is no stopping ransomware. Ransomware is so popular that criminals will continue to innovate. “Ransomware actors will move straight to extortion, skipping the encryption,” Ryan Kovar, Splunk distinguished security strategist says. “We’ve seen a few cases out there already. With classic ransomware, when you lock every user out of the network, the world knows you’ve been compromised. Imagine instead that the ransomware operator goes in and only exfiltrates sensitive IP or customer data.
According to Mick Baccio, global security strategist for Splunk, ransomware has transitioned from a service to an economy. It’s boring to look at ransomware from a technical standpoint. However, because it’s so simple to set up and with the inclusion of other services, it has expanded into an entire ecosystem.
“It’s getting faster, it’s getting more efficient. Ransomware operators are learning IT operations at the enterprise scale,” said Baccio.
Splunk’s predictions for 2023.
Splunk recently released four 2023 Predictions reports that explain how a fusion of trends and technologies will alter company resilience in the coming year. The report editions highlight trends in four critical categories: IT and observability, data security, Leadership trends and emerging technologies, and the public sector.
Organizations worldwide are managing increasingly complicated circumstances, including sophisticated cyber threats, macroeconomic volatility, and talent shortages.
According to Patrick Coughlin, Vice President of GTM Strategy and Specialization at Splunk, a focus on value, opportunity, and business resilience in 2023 will help teams continue to innovate, evolve, and flourish. “The technologies that matter in protecting cyber resilience are converging, and the organizational structure and siloes are coming together. Data has been converging for a decade and we are entering the golden age in how we think about cybersecurity and talent resources,” Coughlin continued.
The 2023 predictions include insights on the current and next technical and economic landscape from several top leaders and technology specialists at Splunk:
Leadership trends and emerging technologies.
- As the new value emphasizes, strategic organizations focus on resilience, elevating leadership and bringing together relevant data and technologies. Organizations are working on updating, streamlining, and cutting expenses while attempting to make their environments more visible.
- Organizations should anticipate that the value will focus on the digital experience and specific customer service enhancements over the upcoming year.
- Ransomware actors will forego encryption and proceed directly to online extortion. As ransomware gangs continue to vary their portfolios for the most lucrative impact, they will choose to avoid locking systems and concentrate on gaining access to sensitive IP or customer data that could result in businesses paying ransomware demands covertly.
- In 2023, CEO deep fakes, CEO social media account takeovers, and memestocks may cause unease in the public and private markets.
- Ransomware attacks will become more sophisticated and persistent, particularly against K–12 schools. The deluge of ransomware attacks hasn’t subsided, and educational institutions are particularly at risk because K–12 schools are the most popular targets. Although simple cybersecurity procedures will stop many assaults, no organization can guarantee that all attacks will be stopped.
- To address the talent shortage, public sector organizations will prioritize creative short-term solutions over long-term ones. Public sector firms can prepare for a talent shortage by incorporating predicted departures into hiring plans and anticipating short staff retention times.
IT and observability.
- Observability will be the new face of the digital experience and transformation. Observability is now a core competency to drive digital transformation. For most firms, the complexity of larger, faster digital transformation is a problem, and the tools that handle that complexity will be even more crucial.
- Once observability becomes standard, automation will become the next differentiator. The next important step in automation is to make it smarter. This step will involve various tasks, such as warnings and responses to system failures and cyberattacks and efficiently onboarding new employees.
Overall, security professionals can be sure that they’ll always be needed and actively involved in securing everyone’s homes, workplaces, coffee shops, and other locations.
- Is the Carsome unicorn status in Malaysia overhyped amidst recent layoffs?
- Managing cybersecurity risks caused by employees can be as harmful as hacking in APAC
- Fintechs leading the change for AI adoption in risk and compliance
- Gaming to learn – the latest in AI education
- Manufacturers solve the puzzle to achieve both growth and profitability: Better ERP support