Contributed by George Mack, Content Marketing Manager, Check Point Software.

Cyber crime is big business, and it has proved to be extremely profitable for threat actors. Sophisticated criminal syndicates are taking cues from Fortune 500 companies—implementing strict hierarchies, payroll, HR, and more.

In 2022, the world witnessed defining events across the cyber landscape, from the Russia-Ukraine war and state-sponsored attacks to Conti’s ransomware attacks on the countries of Costa Rica and Peru— not to mention a myriad of multi-million-dollar scams in crypto.

What can we expect moving forward?

Country-level extortion attacks

When ransomware was first introduced, it was mainly individuals or small groups who conducted ransomware operations, distributing ransom emails to collect small amounts of ransom from individuals.

Over the years, hackers realized how lucrative it is to target large corporations that have revenues in the hundreds of millions and sometimes billions of dollars, as they can afford to pay larger sums of money to recover their data.

Now, hackers are picking fights with entire countries. For example, the Conti ransomware group extorted the countries of Costa Rica and Peru, and Lapsus$ also began attacking governmental entities.

With a scale of operations that involves research and development, quality assurance, HR, and physical offices, ransomware gangs can now take on any entity, no matter the size.

Large ransomware groups, however, have an inherent vulnerability: Due to their size, it is difficult for them to stay under the radar. It’s hard to conceal a multi-million dollar business that employs hundreds of skilled workers with offices in major cities. The larger the business, the more it becomes dependent on the cooperation or at least passive acceptance from the national authorities in the government. As a result, groups are forced to align with the geopolitical interests of their home countries.

Cloud supply chain attacks

As many as 98 percent of companies use cloud-based services, and 76 percent of them have multi-cloud environments, utilizing services from two or more cloud providers. When organizations move to the cloud, this increases their reliance on third parties and partners, which can exacerbate the risk of threats throughout the supply chain.

Supply chain attacks became mainstream in the past few years, from the SolarWinds Orion software breach – an innovative on-premise-to-cloud incident in which hackers leveraged a backdoor to gain access into private cloud environments – to the Log4Shell vulnerability, a bug that allowed threat actors to gain control over Java-based web servers and execute malicious code.

When it comes to your chosen cloud provider, such as AWS or Azure, you cannot control how the platform conducts its security. However, you should have multiple layers of security, so that if a cloud provider does get breached, you are able to mitigate the fallout. Implementing zero-trust and least privilege access can also help contain and stop the spread of an attack.

First attacks in the metaverse

The metaverse is a hot topic. It promises an escape from reality through a headset that beams a 3D virtual reality to the user. It allows you to live a rich digital life in which you can spend time together with friends, shop for real or virtual items, play games, and more. However, with all the discussion surrounding the metaverse, one issue is often overlooked: cyber security.

For the metaverse to survive cyber security threats, it must adopt a zero trust model that requires strict identity checks, preventing bad actors from infiltrating networks. With such large amounts of data hosted in the metaverse, a zero trust model in combination with AI-driven cyber security tools will be an effective way of reducing the theft of sensitive information.

As the metaverse starts to evolve, the companies involved in creating it or any related products need to start building a more secure experience in its early iterations. By doing so, this will help reduce the number of security incidents as the metaverse grows.


As hackers become more sophisticated, companies will need to revamp their security strategies to keep up with the latest threats. This requires having a solid grasp of the current threat landscape and knowing where it’s headed.

Country-level extortion attacks, metaverse threats, and developments in email infections chains are a few threats you can expect in 2023, but there are other cyber attacks you need to keep in mind.

To get the complete list of all five cyber threats you should expect in 2023 – and to learn how to prevent them – download the whitepaper today.