Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Enterprise threats in 2023

Issue 8 2022 News & Events, Information Security

Researchers at Kaspersky’s Security Services shared their predictions for this year’s trending cyberthreats that large businesses and government structures should prepare for. They include cybercriminals using media to blackmail organisations, reporting alleged data leaks, and purchasing initial access to previously compromised companies on the darknet. Other threats involve the rise of the Malware-as-a-Service model and attacks via the cloud. This report is a part of Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts within the cybersecurity world.

Hacker attacks repeatedly harm individuals, damage corporations, and can even threaten entire countries, and not just financially. The media routinely report incidents and data breaches that become publicly accessible on the dark web. This threatens not only personal privacy, but also companies’ reputations. As part of the Kaspersky Security Bulletin, the Kaspersky Security Services experts – a group that helps businesses enhance existing security systems and equips them to meet new threats – has reviewed the threats that will be relevant to big business and the government sector this year.

Countdown to blackmail

Ransomware actors are increasingly posting about new successful hacking incidents perpetrated on businesses in their blogs – the number of such publications grew in 2022. The peak number exceeded 500 per month, and this occurred several times between the end of 2021 and the first half of 2022. This compares to 200 to 300 posts observed monthly by experts at the beginning of 2021. Extortionists were also active at the end last year: in September and November, Kaspersky’s Digital Footprint Intelligence tracked roughly 400 and 500 posts, respectively.

Cybercriminals used to reach the victim directly, but now they post about the security breach in their blogs immediately, setting a countdown timer to the publication of the leaked data instead of privately demanding a ransom. This dark trend will continue developing in 2023 because this tactic benefits cybercriminals whether the victim pays up or not. Data is often auctioned, with the closing bid sometimes exceeding the demanded ransom.

Cybercriminals post about fake leaks to boost their reputation

Blog posts about extortion attract media attention, and some lesser-known actors might take advantage of this in 2023, by claiming they have allegedly hacked a company. Whether the hack actually happened or not, a leak report might hurt the business. The key to staying safe is to identify these messages in a timely fashion and initiate a response process similar to that used in information security incidents.

More personal data leaks, corporate emails at risk

The experts expect the trend of personal data leaks to continue into 2023. Even though it directly influences individuals’ privacy, corporate cybersecurity is put at risk as well. People often use work email addresses to register with third-party sites, which can be exposed to a data leak. When sensitive information such as email addresses become publicly accessible, it may invoke the interest of cybercriminals and trigger discussions of potential attacks on the organisation on darknet websites; additionally, the data can be used for phishing and social engineering.

Malware-as-a-service and attacks via cloud

Experts also expect ransomware attacks to grow in similarity due to the rise of malware-as-a-service (MaaS) tools. The complexity of attacks will increase, meaning automated systems will not be sufficient to ensure complete security. Furthermore, cloud technology will become a popular attack vector, as digitalisation brings increased cybersecurity risks with it. Apart from that, cybercriminals will tap dark web sites more often in 2023 to purchase access to previously compromised organisations.

"The threat landscape is rapidly developing, and companies are being forced to adapt quickly. In order to protect a large business or a government agency from trending threats, it is necessary to monitor the digital footprint of the organisation. It is important to be prepared to investigate and respond to incidents, since it is not always possible to stop attackers before they penetrate a perimeter. However, preventing an attack development and limiting potential damage is an absolutely feasible task," said Anna Pavlovskaya, security services analyst at Kaspersky.

To read the full report on enterprise security threats in 2023, go to Securelist.com.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

From the editor's desk: It’s all about data
Technews Publishing News & Events
      Welcome to the SMART Access and Identity Handbook 2026. We have slightly changed the handbook this year, specifically the selection guides, but there is still a lot of industry information inside, and ...

Read more...
Zero Trust access control
Technews Publishing SMART Security Solutions CASA Software NEC XON Editor's Choice Access Control & Identity Management Information Security
Zero Trust Architecture enforces the rule of ‘never trust, always verify’. It changes an organisation’s security posture by assuming that threats exist both inside and outside the perimeter, and it applies to information and physical security.

Read more...
Reshaping South Africa’s built environment
Securex South Africa Facilities & Building Management News & Events Commercial (Industry)
FM teams are responsible for the overall operational environment of a building, while security teams focus on protection, control, and incident response. Increasingly, both rely on the same data streams, infrastructure, and digital tools.

Read more...
Integrated security key to protecting cloud applications
Infrastructure Information Security
Cloud-native applications have transformed the way businesses operate, enabling faster innovation, greater agility, and enhanced scalability. Yet this evolution brings an equally complex security landscape.

Read more...
Factories, grids, and finance: Critical infrastructure cyber lessons of 2025
Asset Management Information Security Industrial (Industry)
Africa has seen an accelerated, large-scale digitisation of our overall industrial base, and this rapid convergence of IT and OT is happening on a foundation that, in essence, was not designed to be cybersecure.

Read more...
Banking’s AI reckoning
Financial (Industry) News & Events AI & Data Analytics
From agentic commerce disputes to quantum-powered risk modelling, SAS experts offer a ‘banker’s dozen,’ 13 industry-defining predictions that will separate institutions that master intelligent banking from those still struggling with the basics.

Read more...
Axis signs CISA Secure by Design pledge
Axis Communications SA News & Events Surveillance Information Security
Axis Communications has signed the United States Cybersecurity & Infrastructure Security Agency’s (CISA) Secure by Design pledge, signalling the company’s commitment to upholding and transparently communicating the cybersecurity posture of its products.

Read more...
Five key technology trends for the security sector in 2026
Axis Communications SA News & Events Surveillance
Axis Communications examines trends it considers important for 2026, as technology and customer requirements continue to evolve, but the basic security needs of end users remain constant.

Read more...
DeepAlert appoints Howard Harrison as CEO
DeepAlert News & Events AI & Data Analytics
DeepAlert has appointed Howard Harrison as chief executive officer. DeepAlert’s founder and CEO of the past six years, Dr Jasper Horrell, will transition into a newly created role as chief innovation officer.

Read more...
AI agent suite for control rooms
Milestone Systems News & Events Surveillance AI & Data Analytics
Visionplatform.ai announced the public launch of its new visionplatform.ai Agent Suite for Milestone XProtect, adding reasoning, context and assisted decision-making on top of existing video analytics and events — without sending video to the cloud.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.