The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides. It was also a year in which governments around the world, but especially in the UK and US, started to flex their muscles in terms of active engagement in cyber security.
And in the end, it was probably geopolitical concerns that dominated the security news agenda. 2023 saw the emergence of a new class of threat actor determined to cause indiscriminate chaos, continuing Russian attempts to manipulate the political process, and massive exploitation of vulnerabilities by Chinese threat actors in the service of industrial espionage.
Here are Computer Weekly’s top 10 cyber security stories of 2023.
1. NCSC exposes Iranian, Russian spear-phishing campaign targeting UK
Towards the end of January the NCSC warned of a persistent campaign of hostile state-backed cyber attacks against UK political targets, journalists and other prominent individuals. The attacks, originating from Iran and Russia, sought to gather intelligence and undermine the political process. Later in the year the NCSC was able to firmly attribute the Russian activity to a group going by the name Star Blizzard.
2. NCSC warns over AI language models but rejects cyber alarmism
Huge public interest in generative artificial intelligence (AI) and the large language models (LLMs) that underpin it ensured that tools like ChatGPT dominated the entire tech news agenda in 2023. Some were quick to exploit this interest to spread fear, uncertainty and doubt about AI as they tried to prove that only their organisation had the answer to the potential cyber problems it poses, but the NCSC called for a more balanced approach.
3. What can security teams learn from a year of cyber warfare?
February 2023 marked a grim milestone as the first anniversary of Russia’s devastating war on Ukraine passed. Ukraine’s cyber defenders provided a masterclass in resilience during 2022 and 2023, and Computer Weekly took the temperature of the security community to find out what lessons we can all take away from their experience.
4. UK TikTok ban gives us all cause to consider social media security
The risks inherent in social media platforms have been well known for some years now, but with the landscape in flux in 2023 amid seismic change at Twitter, and growing concern over alleged Chinese influence on TikTok that culminated in a ban on the service’s use on UK government devices, the issue of managing what we share online, both as private individuals and representatives of organisations, never seemed more pertinent.
5. Lindy Cameron calls for collaboration and warns against complacency
The NCSC’s annual conference always generates headlines, and this year’s event in Belfast opened with a call for collaboration across the security industry, and a reminder not to succumb to complacency, from the organisation’s CEO Lindy Cameron. In her opening keynote, Cameron spoke of a multitude of challenges, from emerging technologies, to insecure software and hardware design, to cyber crime and state threat actors, and urged people to come together to address them.
6. GovAssure cyber regime launches across UK government
With threats to government departments and related bodies having been magnified in recent years, this year saw the launch of the enhanced GovAssure cyber security regime, run out of the Cabinet Office, which set out to better protect the IT systems that underpin the UK’s public services. Among other things, the scheme will see the imposition of annual, more robust cyber security audits.
7. Barracuda ESG users told to throw away their hardware
There was embarrassment for some after a patch for a vulnerability found in Barracuda Networks’ email security gateway (ESG) product failed to work properly, meaning that users of at-risk hardware had to remove their appliances from service and seek a replacement. It subsequently emerged that the vulnerability in question was being heavily exploited by Chinese threat actors.
8. Microsoft issues new warning over Chinese cyber espionage
China was on Microsoft’s mind too, after it emerged that an advanced persistent threat (APT) actor was able to hack US government email accounts using a Microsoft account consumer signing key. The fall-out saw Microsoft heavily criticised by American politicians.
9. Datacentre management vulnerabilities leave public clouds at risk
With supply chain security still a key concern across the business world, 2023’s DEF CON hacking convention saw the publication of multiple vulnerabilities in key datacentre power supply and management products underpinning the world’s public cloud infrastructure. Although the affected products are little known to the layperson, such is their ubiquity that had they been chained and exploited, some of the biggest hyperscale players could have seen their services topple over.
10. Rogue state-aligned actors are most critical cyber threat to UK
The NCSC’s annual report this year detailed the emergence of a new class of cyber threat actor that is ideologically, rather than financially, motivated. Such groups are becoming increasingly emboldened to act with impunity, have a higher risk appetite, and may not be able to fully understand or control the impact of their actions, rendering them an extraordinary threat.