Global Forecasts
More Attacks by Non-Organized Attackers and Non-Nation State Attackers
In 2023 we expect to see more intrusions conducted by non-organized attackers and non-nation state attackers. More of the threat actors operating out of North America and Europe will likely be younger, and conducting intrusion operations not because they’re interested in making money specifically, or because governments have tasked them with doing it, but because they want to be able to brag to their friends or boast online that they’ve hacked into and brought embarrassment to prominent organizations. While they will be happy to achieve financial gain, that may not necessarily be their lead motivation.
Europe May Surpass the United States as the Most Targeted Region for Ransomware
Ransomware continues to have a significant impact on businesses across the globe. While reports show that the U.S. is the country most targeted by ransomware attacks worldwide,1 small indicators show that ransomware activity is decreasing in the United States and growing in other regions.2 In Europe, the number of victims is increasing, and if that increase continues, Europe will likely become the most targeted region in 2023. The United States has been very outspoken on policies, sanctions and the potential of a response in the cyber domain concerning ransomware and other attacks. However, it is hard to conclude if the more aggressive stance on ransomware actually deters attacks.
More Extortion, Less Ransomware
Historically, cyber criminals have used ransomware to monetize access into a victim’s network. Due to several high-profile and visible breaches last year, organizations see mitigating brand damage as a much more compelling reason to pay a ransom than regaining access to encrypted systems. Over the next year, we will continue to see criminals rely on extortion, but actual ransomware deployments may decline. Ransomware-as-a-service (RaaS) providers will modernize their software to focus on data exfiltration and “leak sites” for public shaming.