Cybersecurity has again remained under the limelight in 2022 and turned out to be a devastating year for cybersecurity threats. Just in the first half of 2022, there were 2.8 billion malware attacks and 236.1 million ransomware attacks across the globe. The dominance of threats is not due to organizations’ poor cybersecurity policies but due to new sophisticated tactics used by cybercriminals to breach through security defenses. Now we are in 2023, which is again believed to be one of the stressful years for cybersecurity. Therefore, this article presents the top cybersecurity threats that should be a concern for small businesses in 2023.
5 Top Emerging Cybersecurity Threats to Small Businesses in 2023
According to Cybersecurity Ventures, the global cost of cybercrimes will reach $10.5 trillion by 2025. It showcases the gradual increase of cyberattacks with every passing year. Talking specifically about 2023, below are the 5 top emerging cybersecurity threats to small businesses:
1. Microsoft Teams Spoofing
Microsoft Teams is highly used in today’s world, with around 280 million monthly active users. The growing user base of Teams has also let attackers use the platform for their criminal activities. One popular approach they are using these days is acting like the colleague or CEO, setting up the meeting, and then convincing the meeting participants to click the link or download a file.
For example, recently an attacker acted as a CEO and sent a WhatsApp message to several employees about joining a Teams meeting. Once employees joined the meeting, they saw a CEO video feed, which was actually scraped from a TV interview. The attacker didn’t turn on the audio and said that the issue might be due to a bad connection. Afterward, the attacker sent a SharePoint link in the chat. Employees did click the link, but luckily, they got blocked from accessing it. This way, attackers pretend to be someone and convince employees to click malicious links.
Other than the above tactic, cybercriminals are also impersonating Teams to steal Microsoft 365 login credentials of employees. Usually, they send an email tuned as an automated message that is sent from Teams, such as “There’s new activity in Teams”. The message looks legitimate, so often employees get into the trap and click the provided link. Once the link is pressed, it takes them to the malicious webpage requiring the victims to enter their email and password. This way, employees unintentionally provide their login credentials and let attackers into the network.
Avanan, a cybersecurity solutions provider, has witnessed thousands of attacks in which malware is sent in Teams chats. The reason why Teams is becoming a new favorite of attacks is because MS URLs are not readable, so you cannot detect a real link from a fake one. In addition, employees are more trained to detect suspicious phishing emails, but they think Teams has a trusted and secure platform. So, it’s the trust game that attackers are playing with employees using Microsoft Teams.
2. Google Appointment Spoofing
Another emerging cybersecurity threat is Google appointment spoofing. Google Calendar is one of the popular productivity tools of Google suite, which if used with default settings allows events to be added from an email containing event details. Similarly, it also adds the event if someone has included you in the event, even if they haven’t sent you the email invitation. This default setting trap is being used by cybercriminals these days.
What attackers do is inject an event into employees’ calendars without their knowledge by acting as one of their colleagues. The event can be about upcoming travel plans or an urgent meeting by CEO. In the meeting description, there can be words like “please click the below link to review the agenda before joining the meeting”. The link often includes a fake Google authentication page, which most employees unintentionally fill out with their login credentials. Eventually, this gives attackers the credentials they need to penetrate systems and make an impact.
Just like MS Teams spoofing, employees are becoming victims of Google appointment spoofing because they are not aware of this type of scam. However, the best way to protect from such threats is by blocking the automatic calendar events. Go to Settings > Events from Gmail and then uncheck “Automatically add events from Gmail to my calendar”. In addition, go to “Event settings” and change “Automatically add invitations” to “No”. This way, employees can minimize the chances of getting such attacks, but they still need to remain suspicious, just like with email spoofing.
3. Cloud Security Threats
Ever since the pandemic, businesses have been actively shifting their infrastructure to the cloud. As per estimates, there are about 70% of organizations that are using the cloud for hosting over 50% of workloads. However, the rapid cloud adoption has also resulted in plenty of vulnerabilities that are actively exploited by cybercriminals.
According to Check Point’s 2022 Cloud Security report, around 27% of organizations have encountered security incidents in their public cloud environments in the past 12 months. Since the cloud is a favorite hosting choice among small businesses, so the threat scale is also large for them. Misconfigurations, compromised user accounts, and API vulnerabilities are common loopholes in the cloud infrastructure of small businesses. Therefore, cloud security threats are likely to dominate in 2023.
4. MFA Fatigue
Most services are now offering multi-factor authentication (MFA) to have an additional layer of protection from password threats. However, cybercriminals have also started exploiting MFA. Consider that a business is using push notification-based MFA where employees receive a pop-up/prompt message to verify the sign-in request. Now this is where attackers come into action.
Attackers first steal employees’ login credentials and then send them a stream of sign-in requests. Employees might unintentionally click “Approve” due to their habitual behavior or click “Approve” to stop the prompt message from appearing again and again. Once the request is approved, attackers are in the account and can do whatever they want.
MFA fatigue is gaining pace with every passing year. The Uber internal systems breach in 2022 was the main highlighting event for MFA fatigue. Moreover, the August 2022 alone recorded 40,942 MFA attacks. So, MFA fatigue is the emerging cybersecurity threat for businesses of any size in 2023.
5. Crime As-A-Service
Cyberattack market has grown exponentially in the past few years. The phrase has changed from “will you become a victim of cyberattack” to “when you will become a victim of cyberattack”. Owing to the growing potential of cyber market, threat actors are now even offering crime as-a-service. For example, a few Meta employees were fired in 2022 when it was discovered that they were using employee privileges to provide unauthorized access of Facebook profiles and charging thousands of dollars in Bitcoin.
It is believed that threat actors will continue offering their tools and services to other cyber-criminals in subscription-based models. These as-a-service software solutions can then be used by hundreds of thousands of cybercriminals to conduct ransomware, phishing, distributed denial of service, and other attacks on all types of businesses. Therefore, 2023 is likely to see an increase in the black market of crime as-a-service.
Cybersecurity threats are a major concern of businesses across the globe. Even the tech giants that are known to have the best cybersecurity teams and protection in place are also becoming victim. So, 2023 does not seem to be any better compared to 2022. Cybercriminals will keep their attacking potential high, leveraging new technologies the most. The best strategy for small businesses is to closely monitor cybersecurity trends in 2023 and try to set up an effective cybersecurity defense system to minimize the chances of becoming victims.