This blog comes as a companion piece to our 2023 Infosecurity Predictions webinar and to echo one of the earliest sentiments from Tim Helming, “we know you have a choice in predictions webinars/blogs/listicles…thank you for choosing this one.” We’ll summarize some of the major talking points from our webinar and go a step further to provide links to the articles mentioned. We hope you’re able to check out the recording in its entirety for additional context and explanations. We’ll check back next year to see if any of these predictions came true!
The Extinct Elephant in the Room
We’ll just go ahead and get this one out of the way – I’m sure you’ve noticed the shift from one platform to another (Mastodon, to be exact), and we’re feeling fairly confident that it’s going to stick around. Is the UI a bit jarring? Sure, but we’re not letting it stop us from getting in there and playing around with it – and even finding that we might actually enjoy it a bit. We at DomainTools like it enough that we shared a tips and tricks for Mastodon blog post back in November.
Up in the Sky
In 2022, we saw more commercial satellites in space (you can literally see some of them!) But their prominence could make them a target – Russia has even threatened to target commercial satellites. These satellite systems are changing how people have access to the Internet across the planet, and we think this could have a profound impact on communication, commerce, and conflict in 2023 and beyond.
The Ukraine/Russia Conflict
Sean notes in the recording his 2019 prediction was that we’d see our first full-on cyberwar, and he honestly meant it to be more click bait-y than anything else, but unfortunately that prediction did come true this past year as the Ukraine/Russia conflict being the world’s first true cyberwar. Sean cites The Economist which digs into what we’ve learned thus far as the war continues. It appeared Russia began with taking out some satellite communications, but quickly pivoted back to a land-based invasion and we didn’t see a big takedown of of Ukraine’s power grid. There’s a lot of speculation and unanswered questions surrounding strategies at this time – and we might not have those answers for decades. But our prediction regarding this ongoing conflict is we’ll see new paradigms of the attacker and defense scenarios and cyberwar will mature rapidly as a result.
As a sub-prediction to this topic, there are a number of security companies in the private sector coming to Ukraine’s aid, and we predict that those organizations could become targets in 2023.
Recession Watch, 2023 Edition
The back half of 2022 was all about potential recession speculation and while we certainly don’t hope we’re heading there, as it stands at the time of our webinar and this writing, it seems likely.
Should a recession occur in 2023, we predict fraud surrounding unemployment and benefits will make a resurgence. As Daniel explains in the webinar, Washington state experienced this in 2020 at the height of the pandemic and ended up losing $645 million to malicious actors impersonating others and stealing identities during a vulnerable time.
Another possible outcome of a recession is people looking to make extra money may turn to cybercrime. In recent years there has been commodification of tools and services used by bad actors to sell to others in the underground economy. And while not explicitly mentioned in the webinar, on the Breaking Badness podcast we recently discussed scammers getting scammed by other scammers, and another offshoot of this prediction is that if those who haven’t previously committed cybercrimes begin making attempts, it’s possible those numbers will rise.
AI Deepfakes and ChatGPT
ChatGPT is having a moment! It’s an interesting tool and people are having fun experimenting with it. On the other hand, it’s a bit scary because it might be too good and has the potential to get even better. It could make a scammer’s life easier if it can create thousands of grammatically correct emails, making spam detection that much harder. ChatGPT and deepfakes could also be used in other scenarios to make defender’s lives more challenging, and we predict this could come to pass in 2023.
This is another topic we discussed on the podcast recently. We walked through Rick Osgood’s blog post on how he taught ChatGPT to create both a convincing phishing email along with a correlating landing page. While we haven’t seen this occur in the wild yet, it seems likely we’ll see it soon.
China and Chip Schematics
This past fall the US shared export changes around chips that have AI, telling China they can’t have access to them, use US-based software to develop their own, and they can’t get manufacturing technology. So the question becomes, how will this affect US/China relations?
Currently, China is experiencing issues with Covid restrictions, so our prediction at the moment is they may not be focused on this at present, but with their Made in China 2025 efforts, they will eventually refocus.
While many have speculated Twitter’s demise, we believe that might be exaggerated. Perhaps it’s cognitive bias that things will stay the same more than they’ll change, but while a number of people are no longer there, there are many who still are. It’ll be interesting to see how this continues to unfold in 2023.
Our First Incorrect Prediction
We hope you found these predictions interesting and thought-provoking. Please keep in mind that these predictions are just that – we don’t know what the future holds, but we can look at past behaviors as a way to prepare for what could be possible.
We do have our first incorrect prediction – maybe not for 2023, but for our webinar event:
If you’re a soccer/football fan, even just for the World Cup, you’ll know that all three champion predictions were incorrect, with Tim Helming being closest with his prediction for Morocco’s run. Congratulations to Argentina for their well-earned and exciting victory!