Here we present the most relevant trends and milestones experienced in the cybersecurity industry in Costa Rica during 2023. This year there were attacks based on the exploitation of vulnerabilities present in software products and the expression of wars between nations in cyberspace continued.
On the other hand, generative artificial intelligence (AI) showed significant progress and was used by cybercriminals to optimize their attacks. These challenges for cybersecurity have given rise to protection trends throughout the technology development cycle, which include the use of AI in its favor, and in a defensive or preventive manner, and developments in authentication mechanisms.
The following are five trends and milestones in cybersecurity this year shared by experts:
Artificial intelligence against and for cybersecurity: Criminals have taken advantage of generative AI to create more convincing fraudulent messages. But AI has also been used for positive purposes, such as analyzing immense amounts of data from Internet connections and thus more quickly detecting and analyzing cyberattacks against organizations around the world.
In terms of supporting the preventive posture, that is, cybersecurity applied to systems throughout their development cycle, AI serves to help eliminate vulnerabilities found in software, either by generating guides that developers “they can follow or present the suggested modifications to the code so that they can simply accept or reject them.
Cyberwar: The war between Israel and Hamas, like that between Russia and Ukraine, has included cyberattacks by activist hackers, some with the intention of disrupting the services of websites, mainly those of the government and the military, and others seeking to impact nations sympathetic to any of the parties in conflict. For example, an increase in cyberattacks against the US, France, India and Italy have been linked to the activities of some groups that are anti-Israel and possibly associated with Russia, Iran or other nations.
Attacks on software supply chains: Cybercriminal groups have managed to cause large losses of money and reputation to organizations by infecting third-party software products used by them in their operations or their own products. This year, a data breach due to this type of attack cost an average of $4.63 million.
The constant threat of these attacks makes it very necessary to follow the recent trend of improving the security of the software supply chain, which includes not only having an updated list of those components or products in use and their security status, but also verifying their origin and review the security policies of the suppliers and their compliance with industry regulations.
Attacks on governments and critical infrastructure: Attacks that cause high costs for governments and paralyze services for large numbers of users are trending. For example, the kidnapping of IFX Networks client data in Colombia left at least 50 pages of state institutions offline, put health care at risk of collapse and forced the suspension of judicial activities, among other consequences.
The incident, just like the waves of cyberattacks on the Costa Rican government last year, in which a criminal group stole information from state agencies, highlights the need for Latin American countries to create state entities in charge of planning the strategy of cybersecurity to prevent, contain and react effectively to cyber attacks. This is urgent because the average cost of a data breach has reached $4.45 million.
More secure alternatives to passwords: Passwords have been replaced by access keys (in English, passkeys), which are a standard that consists of a PIN, pattern or biometric factor, such as face or fingerprint, to access to accounts in various applications. This alternative allows you to authenticate in half the time it takes to do so with passwords. In addition, they are more secure, because they are not processed by servers, but are saved only on the device, and, as they are used only in authorized applications, they prevent credentials from being shared on fraudulent sites.
Following a preventive posture
The relevance of following a preventive posture in cybersecurity continues to increase in the face of the current threat landscape, in which it can be seen that many companies impacted by cyberattacks are paying higher prices than ever. This position has required the adoption of new technologies and practices, taking into account how cybercriminals constantly improve their techniques, tactics and procedures.