AI in the blackmail software, spies in the zoom chat, and even more authorities in the sights of the network gangsters – which attack strategies companies and consumers have to be particularly careful of in the new year.

Compared to the fears that a wave of cyber attacks would also roll out against Western European countries as a result of the Ukraine war, the past year went surprisingly lightly. There is no question that blackmail hacker attacks with ransomware – malware that encrypts the IT systems of the hacking victims – have reached a new high. DDoS attacks, which aim to cause the attacked computer systems to collapse under a load of access, have long been part of everyday cyber defense business. But that is now the background noise in cybercriminal’s everyday life.

There were no really serious online attacks with global effects that pointed to military or secret service actors in 2022. Russia’s cyber warriors, so feared until now, proved to be unexpectedly effective in attacks on Ukraine and surprisingly harmless compared to the West. Can politics and business breathe a sigh of relief? Is that an indication of a fundamental decline in IT threats?

Unfortunately not, as a survey of cyber experts shows. At the turn of the year, they describe for WirtschaftsWoche what they believe will be the most dangerous hacker trends in 2023.

Hackers use artificial intelligence

For Mikko Hypponen, the use of artificial intelligence (AI) will be one of the most important innovations in cybercriminals’ arsenal in the new year. “The big hacker groups have now made so much money with blackmail that they can now lure extremely highly paid AI experts from the civil economy with even better wages in the shadow economy of the network,” says the head of research at the Finnish IT security service provider With secure.

With this know-how, the criminals could automate ransomware attacks in particular and adapt blackmail software much faster and more effectively in order to bypass the defense systems of the attacked companies, explains the expert. One consequence will be that modifications of attack programs will appear in much shorter succession than before.

Attacks across Teams, Slack, and Zoom

During the pandemic, video conferencing has conquered everyday work in companies faster and more sustainably than almost any other technology. And they will hardly lose their relevance in post-Covid times.

This would also make them attractive as an additional gateway for cybercriminals, emphasizes Thorsten Urbanski, IT security expert at cybersecurity service provider ESET.

Numerous examples during the pandemic show how easily hackers can exploit such communication platforms when attackers were able to dial into poorly protected online conferences unnoticed. In addition, access data stolen by phishing allowed criminals to gain access to properly secured meetings in the company network and thus steal sensitive internal and company information. “Especially in small and medium-sized businesses, which are often highly innovative but tend to be less well protected in the digital world and which usually cannot afford large IT departments, attacks via teams and the like are likely to become a significant problem,” warns Urbanski.

Authorities are increasingly coming into focus

Cases like the cities of Berlin, Wesel, and Witten or the district of Anhalt-Bitterfeld, all of which were the target of cyber attacks with encryption programs, were exceptions last year. But that will change in the future, according to Tommy Grosche, the German head of IT provider Fortinet, which specializes in cyber security. So far, cities and authorities have usually been the ‘by-catch’ of widespread but untargeted attacks, reports the IT expert, “but in future, they will increasingly be the focus of digital attackers”. Be it because criminal hackers discovered the revenue potential of blackmailing public administrations as a business model. Be it because politically motivated actors deliberately tried to paralyze the IT systems of public authorities that are relevant to society.