Cyber incidents and why they’re like weather events

Cyber incidents and why they're like weather events

“Organisations undergoing digital transformation, particularly in healthcare, will be the most at risk unless they can combine cybersecurity upskilling and outsourcing with behavioural analytics and AI (artificial intelligence) to improve visibility, prevention, and response to cyber threats in 2023 and beyond.”

Last year, Medibank chief executive David Koczkar “unreservedly” apologised to customers after the health company fell victim to cybercrime. Medibank provides private health insurance and health services to nearly four million people in Australia.

In New Zealand, among the recent victims was membership-based insurance and investment company Medical Assurance Society, by way of its outsourced call centre. 

“While evasion tactics, ransomware, and BEC (business email compromise) will continue to make headlines, so will blatant extortion,” noted BlackBerry. “The high-profile 2022 attacks on Medibank and Optus in Australia were not ransomware, but nation-state criminals stealing credentials or using open APIs (application programming interface) to unlawfully steal personal data for financial gain. 

“Regardless of the extremely questionable motivations of such threat actors, unless Australia is adequately protected, we are fair game – and this kind of trend is set to continue.”

BlackBerry’s cybersecurity predictions for 2023 include increased attacks on hospitals and healthcare organisations; the evolution of evasion tactics; and the widening of the cybersecurity skills gap. Software supply chain attacks, described as among the most destructive, are also under the spotlight, as well as quantum computing and how it might impact cybersecurity.

The firm highlighted: “New BlackBerry research found that four in five IT (information technology) decision-makers have been notified of an attack or vulnerability in their supply chain in the last 12 months.”

See also  High inflation, low growth to stifle economy in 2023 – Munich Re

What are your thoughts on cybersecurity? Share in the comments below.