Skip Navigation

March 6, 2023 |

Top cyber threats to watch for in 2023

Loading table of contents...

For years, threat actors have been mirroring technological changes, tweaking and refining their attack tactics to achieve greater success. We saw this first-hand years ago with the flurry of pandemic-themed phishing scams, assaults on improperly configured cloud apps, and more.

As someone with a pivotal role in securing private company data and systems, you know how critical it is to stay on top of new and emerging risks.

As you look to the future to update your company’s defence this year, keep these seven cyber threats top of mind.  

Attacks on tools enabling hybrid work  

As companies have adjusted to the modern hybrid work environment, we witnessed a stark increase in the adoption of remote access tools, video conferencing apps, and cloud-based services.  

Our cybersecurity analysts anticipate that threat actors will continue exploiting this expanded threat surface. They may focus their attacks on: 

  • Remote desktop apps
  • Misconfigured web-based services
  • Legacy operating systems
  • Unpatched internet–facing applications
  • Outdated browsers

We may also see a focus on serverless attacks as organizations continue adopting the cloud-service model.

To stay safe, remind employees that they are a target and can defend themselves by remaining vigilant and following cybersecurity best practices, such as:

  • Patching software regularly
  • Using strong passwords
  • Backing up data regularly


Emerging cybersecurity trends you need to know about—according to the experts.

Download now

Cyber-crime-as-a-service (CaaS)

Another top cyber threat in 2023 is the flourishing CaaS economy. New research found that off-the-shelf malware has never been easier to find or cheaper to buy, and almost anyone can find hundreds of illegal marketplaces in mere seconds.

Our team agrees that threat actors will continue participating in criminal online marketplaces, renting and selling items such as:

  • Phishing and exploit kits to gain initial access to victim systems
  • Stolen account credentials to impersonate a legitimate user
  • Databases of confidential personal and corporate information
  • Ransomware services and malware to encrypt and extort victims
  • Infrastructure to run the malware

Why is this a top threat? Well, despite extensive efforts by law enforcement to take down these online marketplaces, they still exist. This ability to buy and rent malware means anyone—even those with little or no hacking skills—can become a cybercriminal.

We may see the total number of attacks increase as threat actors capitalize on a highly scalable income stream and the fact that they no longer need a technical skillset to hack systems. They can simply buy or rent the tools to carry out their attack, and at a low price too.

Ongoing ransomware and extortion strategies 

Most companies have realized the importance of properly backing up data in case they're the victim of a ransomware attack. But there’s a new extortion technique that renders these efforts insufficient. 

Attackers start by doing their homework—researching the target’s assets and financials—and use this intel to set a ransom fee. Then, instead of encrypting the data and offering a decryption key in exchange for money, they threaten to release sensitive information publicly if the victim doesn’t pay. 

They coerce the target into paying by threatening to cause a data breach, a technique that exploits new privacy regulations that penalize companies for not properly securing private data. Attackers depend on the fact that their ransom may cost less than the penalties, fines, and reputation damage the company may face if they choose not to pay.

Exploiting vulnerable IoT devices

Internet of Things (IoT) devices—such as smart security cameras and thermostats—are quickly becoming a valuable target for attackers. We anticipate this trend will continue.

IoT devices connect to networks, cloud apps, and other technologies, and offer endless productivity benefits for businesses and individuals alike. Unfortunately, these devices are often connected to valuable company assets but are rarely built with security in mind, making them a weak link in your company's cyber strategy.

And while IoT manufacturers have started to focus more on incorporating security controls, many still prioritize functionality and affordability.

Spear phishing campaigns

Phishing continues to be one of the easiest, cheapest, and most popular cyberattack methods, and our team expects it will remain a top cyber threat in 2023 and beyond. But to ensure success and a higher return on investment, attackers may become more selective while choosing their victim. This is spear-phishing.

Thanks in part to the CaaS economy and phishing-as-a-service offerings, attackers can spend less time developing tools and more time researching their targets. They may form their attacks using personal information gained from social media accounts and company websites to create more convincing, and therefore successful, spear phishing campaigns.

Attackers may target specific groups, such as:

  • Online retailers, as they may operate on unsecured e-commerce platforms
  • Virtual education platforms, due to the increasing number of users
  • Healthcare institutions, as they collect a lot of sensitive data and, due to the critical nature of their business, may be more likely to pay a ransom

Living-off-the-land (LOTL) attacks

We expect LOTL attacks to remain a top cyber threat. Despite being mainstream for many years already, LOTL attacks often go undetected for long periods. These attacks make use of tools already installed on targeted computers—instead of uploading and executing custom malware, for example—a feature that makes them challenging to defend against.

Because they don’t generate any new files, attackers can fly under the radar of many security tools and cause significant amounts of damage. Consider this as you add or swap out security solutions this year. Covalence is one example of a cybersecurity platform intelligent enough to spot a wide range of threats and vulnerabilities, including discreet LOTL attacks.

What’s next for cybersecurity?

Cybersecurity is a constantly evolving field. As new threats emerge, new security solutions are needed to defend against them.

Find out what’s in store for cybersecurity—including emerging trends, insights, and predictions from the experts at Field Effect—in our new eBook, The State of Cybersecurity.