Cybercrime-as-a-service, AI-enabled cyberthreats predicted

TECH SPACE

FORTINET recently unveiled its predictions about the cyberthreat landscape for the next 12 months and beyond. From quickly evolving cybercrime-as-a-service (CaaS)-fueled attacks to new exploits on non-traditional targets like edge devices or online worlds, the volume, variety, and scale of cyberthreats will keep security teams on high alert in 2023 and beyond. Following are the key takeaways for CISOs:

Success of RaaS a preview to CaaS. Given cybercriminal success with ransomware-as-a-service (RaaS), a growing number of additional attack vectors will be made available as a service through the dark web to fuel a significant expansion of cybercrime-as-a-service. Beyond the sale of ransomware and other malware-as-a-service offerings, new a la carte services will emerge. CaaS presents an attractive business model for threat actors. And for seasoned cybercriminals, creating and selling attack portfolios as-a-service offers a simple, quick, and repeatable payday. In addition, threat actors will also begin to leverage emerging attack vectors such as deepfakes, offering them more broadly for purchase.

One of the most important defenses against these adverse developments is cybersecurity awareness education and training. Organizations should consider adding new modules that provide education on spotting evolving methods such as AI-enabled threats.

Reconnaissance-as-a-service models for more effective attacks. The organized nature of cybercrime will enable more effective attack strategies involving the future of reconnaissance. As attacks become more targeted, threat actors will likely hire 'detectives' on the dark web to gather intelligence on a particular target before launching an attack. Like the insights one might gain from hiring a private investigator, reconnaissance-as-a-service offerings may serve up attack blueprints that include an organization's security schema, key cybersecurity personnel, the number of servers it has, known external vulnerabilities, and even compromised credentials for sale, among other details, to help a cybercriminal carry out a highly targeted and effective attack.

Attacks fueled by CaaS models mean stopping adversaries earlier during reconnaissance will be important. Luring cybercriminals with deception technology will be an effective way to not only counter RaaS but also CaaS at the reconnaissance phase. Cybersecurity deception coupled with a digital risk protection (DRP) service will allow organizations to know the enemy and gain an advantage.

Money laundering gets a boost from automation. Cybercriminal organizations employ money mules who are knowingly or unknowingly used to help launder money. The money shuffling is typically done through anonymous wire transfer services or through crypto exchanges to avoid detection. Setting up money mule recruitment campaigns has historically been a time-consuming process, and cybercriminals will soon start using machine learning (ML) for recruitment targeting to better identify potential mules while reducing the time it takes to find these recruits.

Money laundering-as-a-service (LaaS) could quickly become mainstream as part of the growing CaaS portfolio. And for the organizations or individuals that fall victim to this type of cybercrime, the move to automation means that money laundering will be harder to trace.

Looking outside an organization for clues about future attack methods will be more important than ever, to help prepare before attacks take place. DRP services are critical for external threat surface assessments, to find and remediate security issues, and help gain contextual insights on current and imminent threats before an attack takes place.

Commoditization of wiper malware for more destructive attacks. Wiper malware has made a dramatic comeback in 2022, with attackers introducing new variants of this decade-old attack method. There was an increase in disk-wiping malware in conjunction with the war in Ukraine, but it was also detected in 24 other countries, not just in Europe.

Beyond the existing reality of threat actors combining a computer worm with wiper malware, and even ransomware for maximum impact, the concern going forward is the commoditization of wiper malware for cybercriminals.

Malware that may have been developed and deployed by nation-state actors could be picked up and re-used by criminal groups and used throughout the CaaS model. Given its broader availability, and combined with the right exploit, wiper malware could cause massive destruction in a short period of time, making the time to detection and the speed at which security teams can remediate paramount.

Using AI-powered inline sandboxing is a good starting point to protect against sophisticated ransomware and wiper malware threats. When integrated with a cybersecurity platform, it allows real-time protection against evolving attacks because it can ensure that only benign files are delivered to endpoints.

Note to cybersecurity professionals. The good news is that many of the tactics being used to execute these attacks are familiar, which better positions security teams to protect against them. Security solutions should be enhanced with machine learning (ML) and artificial intelligence (AI) so they can detect attack patterns and stop threats in real time. In today's threat landscape, a collection of point security solutions is no longer effective, so a broad, integrated, and automated cybersecurity mesh platform is essential for reducing complexity and increasing security resiliency.