Cyber threats in 2023: Money, logistics, energy under attack

A new year and a host of new threats — particularly in the cyber arena. Energy, transportation, and finance: All are in the crosshairs of hackers, and each is a bigger target every day.

“The systems are very-very old systems and you can't set up new infrastructure and security systems on old environments because they don't match, and because of that they become more and more vulnerable,” said Eli Levin, founder of Israel's ELPC cybersecurity. 

From North Korea attempting to fund missile development to Iran lashing out at enemy nations to organized crime looking for a quick buck.

“It could be damage that no one knows is damage. Once there is a security breach someone can be inside your system for an entire year, take what they want and leave. You never know,” said Levin.

His company ELPC has identified holes in the firewalls used by much of the Israeli tech scene — a pillar of the nation's economy — and in a demonstration, his people breached it in just moments. 

Even a normal charging or data cable can pose danger. A hacking tool developed by the National Security Agency for espionage is now available online for just a few dollars.

“It's very cheap to just spread a USB drive or even a cable and use that to insert malware or any other payload into a computer and steal data,” explained Ilan Kaplan, CSO at Sepio Systems.

Sepio Systems is thwarting physical attack plans as inserting a device into computers to hack them is making a comeback. Because of global supply chains, any circuitry component can come pre-loaded with malicious intent.

“The supply chain has become a vector, especially for larger organizations with thousands of devices, keyboards, mouse, charging cable… you have no way to verify in the supply chain that every one of those devices is safe,” said Kaplan.

Even when they don't, many standard devices are unencrypted — it takes just 20 seconds to lock this computer through its wireless mouse.

Attacks have devastating consequences, especially with transportation being run on computers. Last week, a corrupted file grounded airplanes across America's east coast and the rail system is even more susceptible to attack.

“This is swiftly becoming part of the new warfare game and cyberwar scene because through rail you can significantly affect a nation — its economy, its supply chain, its ability to move military assets and critical commercial activity,” said Roie Onn, CEO and co-founder of Cervello. 

His company is working to secure rail systems, whose digital infrastructure is typically decades out of date and impossible to update.

“By stopping or creating problems in the operational subsystems of the rail, you cause complete disruption, because organizations today don't have tools to overcome such a situation,” Onn added. 

In each case, the targets are old and traditional. Money, logistics, and critical systems to ransom, but the methods are growing more powerful and cheaper, posing a major threat for 2023 and beyond.