Kev Eley, vice president of sales for Europe at Colorado-based security intelligence firm LogRhythm, also noted that companies need to improve cyber protection as the rapid transition to digital adoption expands “the [cyber] threat surface.”
“2022 will be a year of building resilience and embedding it into all aspects of business operations,” he wrote in an article for independent information security website Help Net Security. “It will force organizations at all levels to rethink how they respond to a larger scale of sophisticated threats.”
With cybersecurity remaining a top priority for businesses in the new year, experts have also identified the biggest cybersecurity challenges facing businesses and other organizations. Here are a few:
1. An increase in supply chain attacks
Joanna Burkey, chief information security officer at tech giant Hewlett-Packard (HP), noted that supply chain attacks will continue to present new opportunities for cybercriminals this year.
“With the Kaseya breach – which affected over 1,500 businesses – we saw that supply chain attacks can be financially rewarding,” she told Continuity Central, a UK news and information site on risk management. “This could lead to the continued commoditization of the tactics, techniques and procedures (TTPs) used to carry out such attacks. This only adds fuel to the fire, giving threat actors more than enough incentive to exploit software supply chains [in 2022].”
U.S.-Japan IT security solutions provider Trend Micro, meanwhile, highlighted how shortages and economic disruption would pave the way for threat actors to “hard targets for big payouts”.
“We anticipate that Access-as-a-Service (AaaS) brokers will be particularly interested in winning the residence and selling it to the highest bidder,” the company wrote in a post on its website.
The company also warned businesses to keep an eye out for the rise of the “quadruple extortion model,” which involves “holding the victim’s critical data, threatening to disclose and publicize the breach, threatening to target their customers, and attacking the victim’s supply chain or partner suppliers.”
2. The evolution of ransomware attacks
Trend Micro predicts that ransomware will continue to evolve and remain prevalent this year, adding that it sees two emerging trends: “Modern ransomware will become increasingly targeted and prominent” and “Ransomware operators will use more complex extortion tactics such as the exfiltration of data to militarize them.”
“Commonly used attack vectors like VPNs, spear phishing emails, and exposed RDP ports will remain in play, but we expect the cloud to become a bigger target as more enterprises continue to migrate their data,” the company added. “Specifically, cloud and data center workloads will be the main playground for ransomware actors, due to an increased attack surface from less secure home work environments.”
Marr, meanwhile, expressed concern about the increase in ransomware attacks targeting critical infrastructure, which pose a serious threat to people’s lives.
“Worryingly, there has been an increase in these types of attacks targeting critical infrastructure, including one at a water treatment facility that briefly succeeded in altering the facility’s chemical operations in a way which could endanger lives,” he wrote. “Other ransomware attacks have targeted gas pipelines and hospitals.”
Extortion methods could also extend beyond the victim, said Alex Holland, senior malware analyst at HP.
“Ransomware operators will almost certainly step up the way they pressure victims to pay their claims,” he told Continuity Central. “Beyond data leak websites, attackers are using an increasingly wide variety of extortion methods, such as cold calling and contacting customers and business associates of victim organizations.”
3. “Weaponization” of firmware attacks
Firmware security is often overlooked by enterprises, with many implementing “much lower patch levels,” HP experts say. Firmware has thus become fertile ground for cyber threat actors to “gain long-term persistence or perform destructive attacks.”
“Last year, we also saw attackers perform reconnaissance of firmware configurations, likely as a prelude to exploiting them in future attacks,” Ian Pratt, global head of personal systems security, told Continuity Central. “Previously, these types of attacks were used only by nation-state actors. But over the next 12 months, TTPs to target PC firmware could spread, opening the door for sophisticated cybercrime groups to weaponize threats and craft a plan to monetize attacks.”
“Certain industries where these attacks might be more likely should start thinking about the risks posed by the weaponization of malware and hardware-level exploits,” security advisory board member Robert Masse warned. “They are very difficult to detect, even at the best of times. Malicious processes and memory mapping bypasses will be hot topics in 2022, and we can also expect to see threat actors targeting CPUs, BIOS, and microcode as part of a revised kill chain for ransomware attacks.”
4. Personalized Phishing Tactics
Eley also sees increased personalization in the phishing methods used by cybercriminals this year.
“Organizations have increased staff training and awareness as phishing scams have become more common,” he wrote. “As a result, users are now more vigilant and can detect the most common phishing scams. To overcome this, attackers are evolving their strategies to make their attempts more authentic.”
Eley added that phishing attacks would take on a more sophisticated form in 2022. Instead of relying on the usual tactics, he noted how attackers would develop new ways “to exploit more personalized and personalized attacks based on the information obtained from social media”, with these heightened personal attacks being more difficult to distinguish from genuine communications.
But with many organizations moving to hybrid working, Michael Howard, HP’s security and analytics practice leader, told Continuity Central that exposure to phishing attacks will continue to be a major issue.
“Every employee remains a target for attackers, with the sheer volume of unmanaged and unsecured devices creating a huge attack surface to defend against,” he said.
5. New avenues for cyberattacks
Trend Micro expects cybercriminals to explore new technologies such as Java, Adobe Flash, and WebLogic to gain access to confidential information. The company is also seeing threat actors emulate the “shift left” approach to development, security, and operations (DevSecOps) by targeting the source of an organization’s infrastructure.
“We will see more malicious actors compromising DevOps tools and pipelines to target supply chains, Kubernetes environments, and infrastructure-as-code (IaC) deployments,” the company wrote. “Because developer tokens and passwords hold the key to an organization’s operations, using their credentials helps attackers stay under the radar while penetrating multiple layers of the network from a business.”
6. New risks induced by 5G
As more companies look to invest in 5G technology to improve connectivity capabilities, Eley said 5G adoption will allow companies to create “new value from core network assets and put their businesses on the digital transformation roadmap.”
However, he pointed out that implementing 5G comes with its own share of “challenges and complexities”.
“With 5G accelerating the growth of the Internet of Things, threat actors can take advantage of vulnerable connections and compromise smart devices to infiltrate network infrastructure,” he wrote. “Organizations must ensure that they are protected against all risks associated with 5G. Otherwise, they risk losing the benefits of a connected future.”