Google outlines 6 cybersecurity predictions for 2023

It’s no secret that cybercrime is a growth industry. Just last year, the FBI estimated that internet crime cost $6.9 billion. The worse news is that Google’s cybersecurity predictions for 2023 anticipate that this malicious economy will only continue to expand and diversify. 

Recently, VentureBeat had the opportunity to connect with some of Google’s top security leaders and analysts. They indicated that threat actor techniques will evolve considerably over the next 12 months.  

Predictions include an increase in ransomware and insider risk as attackers target trusted employees with extortion attempts; cybercrime “vendors” shifting toward new business models; and, more positively, broader adoption of passkeys technology. Read on for their full insights.

1. Identity and authentication attacks will remain a constant threat 

“Organizations will continue to struggle with identity- and authentication-related attacks, where relatively unsophisticated threat actors are able to purchase credentials in the underground, or con their way into the organization. 

“As a result, platform makers will be pressured to help consumers and enterprises defend against malware that steals those credentials.” 

— Heather Adkins, VP of security engineering, Google 

2. Insider risk will increase as threat actors target trusted employees 

“We will see increases in insider risks, with attackers attempting to coerce and extort otherwise trusted insiders to commit malicious acts. Meanwhile, federated identity and authentication vendors will come under increasing attack to attempt to target other software as a service (SaaS) providers. 

“We’ll also see people start to realize the Y2K-scale level of work involved in transitioning to post quantum cryptography.” 

— Phil Venables, (CISO), Google Cloud 

3. Ransomware attacks on public and private sectors will continue to increase 

“Globally, we’ll see the continued growth and prominence of ransomware attacks across [the] public and private sectors. Across the wider attack surface, industry-specific threats and capabilities will grow, affecting verticals including healthcare, energy, finance and more.

“As an industry, our ongoing research and work on supply chain security, especially on the heels of major attacks, will continue to reveal how much more collaborative work needs to be done.”

— Royal Hansen, VP of privacy, safety and security, Google 

4. Broader adoption of passkeys technology 

“Beyond password management and account security improvements, we’ll see broader passkey adoption from developers [and] users, and in [the] common security vernacular. 

“We can also expect to see SMS/one-time password (OTP) phishing continue to rise, so websites and apps will be more likely to adopt passkeys for both consumer-facing and internal admin tools. 

“In a hybrid corporate environment, and with more work happening on the web, the browser will become an even more strategic asset for enterprise security. 

“In terms of workforce, the demand for cybersecurity experience and capability at all levels of organizations in the private and public sector will continue to surpass available talent. This will underscore the need for investment in multidisciplinary cybersecurity skills development for the future.” 

— Parisa Tabriz, VP of Chrome browser, Google 

5. Cybercrime vendors will shift their business models 

“We will see greater pressure on commercial spyware vendors, and hack-for-hire operators, from both tech companies and governments. However, these threat actors won’t go away; we will instead see reorganization, renaming and some shifts in business models. 

“Globally, China and Russia will continue to focus heavily on regional issues, including activity related to Ukraine. 

“As campaigns for the 2024 election commence, campaign and election security will be front and center issues, including discussion around information operations (IO.)” 

— Shane Huntley, senior director of Google’s Threat Analysis Group (TAG) 

6. Cybercriminals will look to target reused passwords and secret question fields 

“With so many data breach dumps circulating on the dark web, we’ll see a surge of attacks leveraging not only reused passwords, but also all the secret question fields (birthdate, SSN, street addresses or others). 

“To defend themselves, apps and websites will increasingly adopt secure authentication, like federated identity and passkeys — in lieu of username, password, SMS code and others — with the added benefit that these mechanisms are also easier and more convenient for users.” 

— Mark Risher, senior director for platforms and ecosystems at Google