Car hacking is predicted to face increasing cybersecurity challenges in 2023, according to new predictions from Apricorn.
Intellectual property, automobile hacking, and economic challenges are just some of the areas facing cybersecurity challenges in 2023.
“Driven by nation-state threats, market competition and internal threats, many companies will face an increased risk of losing valuable intellectual property (IP) or having research and development (R&D) efforts thwarted by data leaks,’ says Jon Fielding, managing director EMEA of Apricorn.
“There needs to be a push for data encryption across all levels of business,” he says.
According to Apricorn’s 2022 UK IT Security Survey, 32% of IT leaders have introduced a policy to encrypt all corporate information in the last year. Almost half (47%) of organisations now require encryption of all data. But it’s still not enough.
“Encryption can protect data when it’s both at rest and in transit, and the stakes for not encrypting data are only getting higher. Sixteen percent of IT leaders surveyed admit a lack of encryption was the main cause of a data breach within their company. That’s up from 12% in 2021,” says Fielding.
“Our cars track more data than any of us have thought about,” says Fielding. “And while we’ve seen simulations of vehicles overtaken by hackers intent on causing terror, the real issue is how to protect the data they collect.”
“This coming year, automobile manufacturers should consider how to protect driver data – from dashcam footage to credit card information stored on phones connected via Bluetooth technology,” he says.
“Let’s not forget driver GPS location, which presents a serious security issue if accessed by the wrong person. The adoption of a 3-2-1 storage strategy and encryption of all data needs to be a manufacturing industry best practice. Automotive manufacturers need to innovate to protect this data.”
Fielding says organisations will likely be challenged by resource constraints brought on by economic challenges, staff shortages, and tech layoffs.
“Scarcity of resources puts additional strain on IT teams, leading to increased cybersecurity risks,” he says.
In order to avoid data loss and cyber attacks, organisations should focus on employee education.
Employees are the front line when it comes to preventing cyber attacks, yet according to Apricorn’s 2022 Global IT Security Survey, 72% say employees do not consider themselves at risk, driven by perceptions they are either too small a target and/or adequately protected.
“By investing in employee education, organisations can fortify data security with foundational prevention measures such as regular data backup with encryption, strong passwords, and multi-factor authentication,” Fielding says.
“Combined, these efforts effectively ensure data resiliency, even for organisations with limited resources.”
Cryptocurrency and Ransomware
“I predict in the coming year we’re likely to see an increase in ransomware attacks driven by instability in the global cryptocurrency market,” Fielding says.
“Ransomware attackers often demand payments in bitcoin and other cryptocurrencies for their data ransom schemes. The weakening of the crypto market is likely to push fraudsters to try making up their losses with additional attacks,” he says.
When it comes to ransomware and cyber-attacks, organisations need a formal and well-practiced plan to back up and recover their data.
The 3-2-1 method is an industry best practice, comprised of:
- at least 3 copies of data
- stored on at least 2 different media
- with a least 1 copy encrypted and held off-site and offline.
There’s a proven need for increased data resilience and effective data backup protocols can protect against ransomware attacks that hit more than one data source.
In Apricorn’s 2022 Global IT Security Survey, only one in five professionals reported following best practices such as backing up in real-time or using the 3-2-1 method that streamlines data restoration.
With regards to decentralised finance, Fielding predicts one of two things will start to emerge in 2023.
“Financial institutions will start to embrace cryptocurrency and try applying inhouse controls on top, such as KYC (know your customer protocols). It’s also possible governments will leverage the turmoil in cryptocurrency as a trojan horse to introduce their own form of digital currency, whilst phasing out physical currency,” Fielding says.
“The latter provides a path for government to exert more control over citizens – and intent should be challenged if we see moves in that direction.”
Fielding says the necessity for data restoration is a likely scenario in the coming year.
“With a variety of threats and risks that can lead to data loss, IT professionals need to focus on backing up their data in a useable form,” he says.
“Data backups are only effective for restoration when the data is recent, accurate, and accessible. With our reliance on cloud storage, increased risk of cyber-attacks, and potential employee errors, it’s important to put data backups to the test.
Backup and recovery strategies need to be intentional, practiced, and effective. Corrupted, compromised or out-of-date data will only hinder recovery efforts.
Apricorn’s survey highlighted that, although 99% of respondents had a back-up strategy, 26% of those who recovered data from a backup were unable to fully restore all their data.