KUALA LUMPUR (Dec 14): Japanese multinational cybersecurity software company Trend Micro Inc has warned that cyber threat actors will ramp up attacks targeting security blind spots in the home office, software supply chain, and cloud in the coming year.

In conjunction with a report titled Future/Tense: Trend Micro Security Predictions for 2023 released on Wednesday (Dec 14), Trend Micro managing director for Malaysia and nascent countries Goh Chee Hoh said since end last year, organisations in Malaysia have either returned to the office, permanently switching to remote arrangements, or opting for a combination of both.

"However, these arrangements take employees away from the safety of a more secure and monitored IT environment in the office.

“Renewed threat actor focuses on unpatched virtual private networks (VPNs), connected home office devices, and back-end cloud infrastructure in 2023.

“In response, organisations will need to focus on helping overworked security teams by consolidating attack surface management and detection and response to a single, more cost-effective platform,” said Goh.

He said VPNs represent a particularly attractive target as a single solution could be exploited to target multiple corporate networks.

Home routers will also be singled out as they’re often left unpatched and unmanaged by central IT, he said.

Trend Micro recommends organizations mitigate these emerging threats in 2023 via:

- Zero trust strategies built on a “never trust, always verify” mantra, to minimize damage without sacrificing user productivity.

- Employee training and awareness raising to turn a weak link in the security chain into an effective line of defense.

- Consolidating onto a single security platform for all attack surface monitoring and threat detection and response. This will improve a company’s ability to catch suspicious activity across their networks, reduce the burden on security teams and keep defenders sharp.

- Stress testing IT infrastructures to ensure attack readiness in different scenarios, especially ones where a perimeter gateway has already been breached.

- A software bill of materials (SBOM) for every application, to accelerate and enhance vulnerability management—by delivering visibility into code developed in- house, bought from commercial sources, and built from third-party sources.